Attackers Behind 2010 Google Assault Continue to Operate, States Symantec
A fresh report that the security company Symantec just released reveals that a certain online attackers' gang, possibly responsible for the 2010 assault against Google's infrastructure, continues to operate and is now employing increasingly advanced tools.
The security company also found an astonishing number of zero-day exploits in use, as the attackers seemingly targeted the supply chain of defense equipment producers, IT service vendors, and non-governmental and human rights organizations.
When Symantec began tracing the origin of the assaults, it traced them back to those that employed the Hydraq Trojan, also called Aurora, of 2009. Of late, however, the attackers have been employing an improved method named "watering hole" assaults, meaning assaults that wait patiently for unsuspecting victims.
These cyber-criminals work methodically and re-use parts of an infrastructure that Symantec calls the 'Elderwood platform,' the company outlines.
Symantec coined the name Elderwood after deducing it from the exploit communications used in a few of the assaults. With the Elderwood platform, attackers can swiftly leverage zero-day exploits. Spear phishing has been their usual attack technique; however, Symantec is now observing more and more 'watering hole' assaults, which means compromising the websites that the attackers think their targets will visit, before the targets actually do.
Symantec Security Response explains that the assault can be likened to a predator waiting patiently near a desert watering hole. Knowing that prey are sure to come to the spot to drink, the predator stays there and waits for victims to arrive on their own instead of going hunting. Symantec states that in the Aurora attacker group's case, this method involves compromising the target website so that it automatically loads a backdoor Trojan onto all computers that access the site. The security company says it observed a maximum of 3 separate zero-day assaults launched over thirty days within associated assaults.
Symantec also says that the gang apparently knows of any number of zero-day security flaws, which it exploits as required, usually in close succession when a currently used flaw is about to be exposed.
» SPAMfighter News - 14-09-2012