Experts Recognize New Malware Communicating with Gmail

Bgr.com published news on 29th October, 2014 quoting researchers as saying "a new piece of malware has been discovered which can spy on computer of the user". Researchers also found that the malware can communicate with its authors through Google's popular Gmail email service.

Security startup Shape Security states that it has found a fresh strain of malware that can read directives from Gmail drafts and answer to the command of the hacker without knowledge of the user about this happening on the computer.

Networkworld.com published news on 29th October, 2014 quoting Wade Williamson, Researcher with Shape Security, as saying "What we are seeing is command and control which is using a totally permissible service making it super-stealthy and very difficult to identify. It is silently passing messages back and forth with no pressing of send."

For making it to operational, cybercriminals initially set up an unnamed Gmail account and then contaminate a target system with malware. On getting the system's control, the cybercriminal will remotely open an undetectable illustration of Internet Explorer (IE) where the Gmail account is loaded.

The cybercriminal was able to open the drafts folder of Gmail without any knowledge of the user. The malware then exploited a Python script to recover instructions from the draft field which was remotely updated by the hacker. The malware then responded to the cybercriminal through the same draft field passing acknowledgements of instructions and sensitive information back to the cybercriminal.

The malware encrypts all details communicated between itself and the cybercriminal in order to avoid anti-virus software.

Shape has confessed that it has no knowledge about the number of computers polluted with the virus which is an edition of a Remote Access Trojan (RAT) famously called icoscript which was first spotted in August.

G-Data, a German security firm, discovered the Icoscript Trojan in 2012 and it began using Yahoo Mail emails. The worry now is that shifting to Gmail has made it more difficult to detect and the responsibility is now on Google to provide better security to its patrons from automated malware.

» SPAMfighter News - 11/7/2014