New Variant of Malware Known as ‘SyKipot’ Pops Up, says Trend Micro
According to security firm Trend Micro, Sykipot, a malware family that has existed since 2007, continues to be active, with a recent variant known as BKDR_SYKIPOT.AG.
The malware has not changed much over the years, and its aim is simple and always the same: once it gains entry to a system, it establishes an SSL (Secure Sockets Layer) connection to a command and control (C&C) server, from which other malware is downloaded, installed and run on the victim's machine.
It has frequently been employed in campaigns targeting the US defense industry and government suppliers, together with some manufacturers of computer hardware and telecoms.
However, Trend Micro researchers observed in the latest campaign that the attackers have suddenly focused on businesses working in the US civil aviation sector.
The Sykipot attackers are known for using zero-day exploits to deliver the backdoor to victims, as well as for their persistence and specific targeting, which is a further clue pointing to their nature as state-sponsored hackers.
The researchers are warning US-based entities, particularly those in civilian sectors that are important to the country's infrastructure, to be aware of similar campaigns, and are advising them to keep their systems updated, as well as securely configured if a security upgrade is not possible for any reason.
Blog.trendmicro.com published a statement on 4th September, 2013, quoting a blog post by Darin Dutcher, Threat Researcher at Trend Micro, that explained the latest attack in detail: "this type of attack arrives through email messages, and it is essential for institutions to execute a good-quality social engineering program. This can help organizations, their workers, managers, etc., to be cautious of such email messages, which may perhaps carry malware-linked campaigns resembling SyKipot."
However, Trend Micro didn't indicate the origin and the intention of the latest attack.
Upi.com published a news report on 5th September, 2013, quoting a statement issued in July 2013 by U.S. Army Maj. Gen. John Davis, a policy advisor with the military: "cybersecurity was fast becoming one of the country's top national security priorities."
» SPAMfighter News - 13-09-2013