Cybercriminals After Law and Public Relations firms
As per the latest warnings from FBI, cybercriminals are using unique subject lines in their e-mail scams, which have been developed to involve users with specific business content. US law agencies and public relations firms are the targets of this spear phishing e-mails laden with malicious content.
The FBI revealed that the e-mails appear to be originating from a trustworthy source based on the significance of the subject line. Hackers, in this approach, are adding a spoofed link to the domain hosting a malicious file or appending the file directly to the e-mail and are tempting netizens to click on that link or attachment.
In case the malicious payload is executed, it will try to download and run the file 'srhost.exe' of domain 'http://d.ueopen.com'; for instance, http://d.ueopen.com/srhost.exe. Thus, the FBI officials suggested that any traffic related to "ueopen.com" must be thought of as an indication of an existing network hack.
It is learnt that it is not necessary that the malware-laden file appears as a .exe file. On some occasions, the file has also appeared as '.jpeg' and '.zip' file.
Cyber experts believe that the trend of hacking into the networks of law agencies began a couple of years back, but it has now grown tremendously.
Giving his comments on the issue, Unit Chief with cyber division of FBI, Bradford Bleier, said that law firms possess very critical, personal information. Therefore, breaking into the computers at these firms is the best way to collect financial and personal details, reported The Baltimore Sun on November 17, 2009.
This alert from FBI follows a report released in third week of November 2009 that was in concern to the US national cybersecurity. According to the Government Accountability Office, the increasing connectivity between the Internet, information systems and other infrastructures has provided hackers with the opportunity to disrupt critical public services like telecom and electrical power.
The report said that government, private sector and individuals are continuously shifting to networked operations with the increasing capabilities of digital systems and the design, manufacture and service of information technology moving overseas. Consequently, the cyber threat landscape is expected to expand.
Related article: Cheburgen.a: A New Email Worm
» SPAMfighter News - 27-11-2009