Syrian Malware Attacks Are Growing in Sophistication - Kaspersky
Russian security vendor Kaspersky Lab warns that the number of cyber attacks against Internet users in Syria is growing as organized groups target activists, dissidents and media agencies with more sophisticated strains of malware.
The report by Kaspersky's Global Research & Analysis Team (GReAT) reveals that groups on both sides of the civil war are using advanced social engineering techniques, modifying legitimate apps and obfuscating their code to infect target machines with Remote Access Tools (RATs) like 'Dark Comet'.
RATs (also known as remote administration Trojans) compromise the machine on which they are installed, and cybercriminals can use them to steal user credentials, activate the microphone and camera, and control many features of an infected machine.
One new social engineering lure is a fake leaked document posing as a secret government list containing the identities of persons hunted by the organization; a second bogus leak purports to contain information about the use of chemical weapons.
In reality, the documents contain a RAT designed to steal sensitive data from victims. Another scheme involves YouTube videos of the conflict that encourage viewers to download Trojanized versions of well-known communication software such as Viber and WhatsApp.
The bogus security software named in the report includes a rogue antivirus, a fake firewall and a bogus encrypted VPN client.
Threatpost.com published a report on 18th August, 2014 quoting researchers as saying that Total Network Monitor, a legitimate app, is inside another detected sample, being used with implanted malware for covert purposes.
The latest malware attacks have infected more than 10,000 users, with some files downloaded more than 2,000 times.
Securityweek.com published a report on 18th August, 2014 quoting Ghareeb Saad, Senior Security Researcher of GReAT at Kaspersky Lab, as saying: "The combination of factors - rapid app development, social engineering and remote administration tools for taking over the entire system of the victim - creates a worrying scenario for innocent users."
He concluded: "We expect that Syrian malware will continue to attack and it will grow in quantity and quality. Hence, users should be very careful about suspicious links, double-check their downloads and install an upgraded and reliable security solution."
» SPAMfighter News - 26-08-2014