Malware Installed on Buffalo Website, States Symantec

According to Symantec, customers of Buffalo, the manufacturer of networking and storage devices, who downloaded certain files from Buffalo's official site during the last week of May 2014, in Japan, may have had their PCs infected with a Trojan designed to steal banking information.

Buffalo, in a security advisory dated 2nd June 2014, warned customers that someone had tampered with ten files the company's website offered for download on 27th May 2014, between 6:16am and 1pm.

The attackers tampered with those ten files to make them malicious and posted them on Buffalo's site, where a total of 540 individual IP addresses downloaded them 856 times, Symantec's researchers stated. Pcworld.com reported this on June 4, 2014.

According to Buffalo, a few driver installers that it maintained and distributed publicly on its site had been hijacked and tainted with malware.

The attackers modified the installers in two ways. In the first, they modified a self-extracting RAR file named setup.exe so that it ran a malicious .dll file during installation. This .dll file was a Trojan that dropped a second .dll file, which in turn downloaded and loaded Infostealer.Bankeiya.B from elsewhere. The modification broke the file's digital signature.

In the second, the attackers embedded a Buffalo installer in Infostealer.Bankeiya.B, which was made to look like an authentic installer. When executed, it would drop the file setup.exe, which delivered both the authentic driver and a Trojan component that dropped a malicious .DLL, which downloaded Infostealer.Bankeiya.B's main payload.

When the hijacked installers ran, a WinRAR user interface in Chinese was displayed.
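Because the first modification broke the installer's digital signature, checking Authenticode status and the signer before running a downloaded driver installer is a practical defence. The PowerShell script below is an added example, not code from Symantec, Buffalo or this article; the download folder and the `PLACEHOLDER-PUBLISHER-NAME` value are assumptions to be replaced with the publisher name you expect on the vendor's certificate.

```powershell
# Added example: triage downloaded installers by Authenticode status and signer.
# $DownloadDir and $ExpectedPublisher are assumptions, not values from the article.
param(
    [string]$DownloadDir       = "$env:USERPROFILE\Downloads",
    [string]$ExpectedPublisher = 'PLACEHOLDER-PUBLISHER-NAME'
)

function Test-InstallerSignature {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Publisher
    )

    $sig     = Get-AuthenticodeSignature -FilePath $Path
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    # Map the signature state to a verdict an analyst can sort on.
    $verdict = switch ($sig.Status.ToString()) {
        'Valid' {
            # A valid signature from someone else is still not the vendor's file.
            if ($subject.Contains($Publisher)) { 'OK' } else { 'UNEXPECTED_SIGNER' }
        }
        'HashMismatch' { 'MODIFIED_AFTER_SIGNING' }   # file changed after it was signed
        'NotSigned'    { 'UNSIGNED' }
        default        { "UNTRUSTED ($($sig.Status))" }
    }

    [pscustomobject]@{
        File    = Split-Path -Path $Path -Leaf
        Verdict = $verdict
        Signer  = $subject
        # Hash recorded so the file can be compared with the vendor's advisory.
        SHA256  = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
    }
}

# Check every executable in the download folder and list problem files first.
Get-ChildItem -Path $DownloadDir -Filter *.exe -File |
    ForEach-Object { Test-InstallerSignature -Path $_.FullName -Publisher $ExpectedPublisher } |
    Sort-Object { $_.Verdict -eq 'OK' }, File |
    Format-Table -AutoSize -Wrap
```

Any verdict other than `OK` means the file should not be run until it has been compared against a copy obtained from the vendor after the advisory.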

Bankeiya.B runs on Windows operating systems such as 7, Vista and XP, and it reads Internet banking sessions in Google Chrome, Mozilla Firefox and Internet Explorer.

Buffalo is not the only hardware manufacturer whose website has been used to deliver malware to customers. In 2009, Trend Micro, another security company, discovered that hackers had distributed malware-tainted device drivers for Razer, the maker of gaming peripherals, on its support website.

» SPAMfighter News - 6/16/2014
