Experts - Cybercriminals Target European Automakers with Malware

Csoonline.com reported on 25th August, 2014 quoting a recent warning of security researchers as "cybercriminals are using a new information-stealing malware program to target companies of the automobile industry in Europe.

The cyber crooks dispensed their malware through spear-phishing electronic mails impersonating Technik Automobile which was looking to purchase second-hand and pre-owned vehicles. The emails had an attached ZIP file called TechnikAutomobileGMBH.pdf.zip which was purportedly a log of vehicles but actually had a Trojan program known as Carbon Grabber which was detected by Symantech as Infostealer.Retgate.

The tainted file shall decrypt another executable from its own self and inject code into Internet Explorer, Microsoft Outlook, Mozilla Firefox and Google Chrome processes on the hijacked computer.

The Trojan hooks the browser APIs permitting it to embezzle data ahead of its encryption and being sent to network. For example, stolen information may include password and user name for Outlook and other information for online banking or internal Web applications which are entered by the user to log into services.

Man-in-browser (MitB) technique intercepts all data and then delivers to a command and control (C&C) server.

Symantec has revealed that not only automobile businesses are targeted by the attackers as it has registered infections on machines used in public services (13%) and also in charity works and financial sector (9% in both cases).

However, the security company observed that Carbon Grabber affected most of the victims (48%) who are familiar with services like commercial transport, car rental and the secondary market for agricultural and commercial vehicles.

Securityweek.com published news on 25th August, 2014 quoting Lionel Payet, Threat Intelligence Officer of Symantec, as saying "It is not yet confirmed that crooks operating the Technik Automobile spam email campaign are entirely financially motivated. We are sure that if the assault is successful, the attackers will get foothold in the business of the victim."

It is not surprising that companies in the automobile industry are targeted more considering it's wealthy sector. However, corporate networks are not the only elements to be protected against cyber attacks as recently many security researchers have warned about hacking of computer systems powering modern cars.

» SPAMfighter News - 9/2/2014