‘Redpill’ Spyware Used for Seizing Information from Indian Internet-users
Security company Symantec warns of a spam outbreak that recently targeted Internet users in India. The spam e-mails carried a malicious file attachment identified as Spyware.Redpill, which helped cyber-criminals capture confidential information.
In a statement, the security company says that opening the attachment displays a pop-up claiming the file is tainted. Behind the scenes, however, the malware runs quietly, unnoticed by the user, and starts stealing data. Specifically, when the malware is loaded onto the compromised PC, a registry entry is created.
Interestingly, Spyware.Redpill is not new: Symantec states that it was crafted to gather data on behalf of people who wanted to know whether their partners were spying on them.
Commenting further on the attack, Abhijit Limaye, Director of Development, Security Response at Symantec, said online that once the data was stolen, it was sent to one particular e-mail account. When Symantec investigated the account, it found that the attacker was receiving the captured information there; for example, 12,000 or more e-mails arrived in it during March 2013. This clearly indicated that the perpetrators of the spam weren't seeking details about many cheating spouses but were looking for valuable personal information and account details, Limaye explained. Symantec.com published this on April 11, 2013.
The stolen data evidently included account credentials for social-networking websites, e-mails composed and sent from the compromised PCs, bank account details, and screenshots of various documents, Limaye added.
Moreover, the e-mail account in question also had a backup ID. That ID was traced to a member of an underground forum, where he was seeking to purchase e-mail accounts, probably for developing and distributing new malicious programs with various hard-coded credentials built in.
To stay safe from this attack, Limaye said, Internet users need to follow best security practices, make sure their software patches are up to date and properly deployed, and apply the most recent virus definitions and technologies to protect themselves from online threats. Dnaindia.com published this on April 15, 2013.
» SPAMfighter News - 18-04-2013