Imuler Malware Once Again Strikes Targeting Tibetan Activists
Security companies have issued an alert about a new e-mail scam targeting Tibetan activists that infects their computers with the Trojan Imuler (also called Revir), whose first version was detected during September 2012. The e-mail attack relies on pictures of other collectives who favor a distinct Tibetan entity to lure victims into opening attachments. Securityweek.com published this on November 14, 2012.
Specifically, the security companies Intego, F-Secure and Sophos state that the new Imuler variant resembles its other versions. It too captures stored data from victims' computers by hunting down relevant files and then taking screenshots. A noted characteristic of Imuler is that it attacks computers running Mac OS X.
Security Researcher Lysa Myers at Intego says the captured data is subsequently transmitted online to the computer of Imuler's controller. This process connects the infected Mac, along with its seized data, to the controlling computer. The backdoor also lets fresh files be pulled down onto the target computer, Myers explains. Intego.com reported this on November 12, 2012.
One thing to note about the above assault is that it seemingly aims at supporters of the government of Tibet and the Dalai Lama. As with the two earlier assaults that used Imuler, if the current one succeeds, data is stolen and the attacker gains complete hold over the system. There is also active speculation about who is perpetrating the assault.
Remarking on the new e-mail outbreak, Senior Technology Consultant Graham Cluley at Sophos states that the e-mail recipients can be left to draw up their own list of the perpetrators they think would seek to hack into one or all Tibetan organizations' computers. Nakedsecurity.sophos.com published this on November 13, 2012.
Earlier in the current year (2012), another Mac-targeted assault tried to break into Tibetan supporters' systems. That one used the Trojan 'Mac Control', which runs when the target computer boots up and then links that computer to the remote command-and-control system. Examination of the malware revealed that it allows remote shells as well as transmitting, accepting or erasing data files.
» SPAMfighter News - 22-11-2012