
Extremely Refined APT Campaign Targets Renowned Individuals


Experts at security firm Blue Coat warn that a highly sophisticated and multifaceted advanced persistent threat (APT) is targeting people in strategic positions: executives in significant industries such as finance, engineering and oil, as well as embassy, government and military officers.

Researchers at Blue Coat Labs have identified the emergence of this previously undocumented attack framework. The malware began by targeting victims in Russia or related to Russian interests, after the 2010 release of a movie of the same name about a thief who entered people's dreams and stole secrets from their subconscious, but has since spread to other locations around the world.

The malware is mainly delivered through phishing emails carrying Trojanized documents, targeting PC users.

When an unsuspecting victim clicks on the attachment, it opens the expected Word document to avoid raising any red flags. In the background, however, the malware exploits a known RTF vulnerability to drop two small pieces of code to disk and open a link to communicate with command-and-control accounts hosted on a free version of the Swedish hosting service CloudMe.

Once the malware gets into a system, it collects information such as the computer name, system version, user name and local IDs, along with system drive and volume details. Blue Coat observed that all the collected data is encrypted and sent to a cloud account over the Web Distributed Authoring and Versioning (WebDAV) protocol to try to avoid detection by anti-virus tools.

Blue Coat said that the framework is designed so that all communication after infection (i.e. target surveying, malware updates, configuration updates and information exfiltration) can be carried out through the cloud service.
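Because the uploaded data is encrypted, a defender has to work from traffic metadata rather than content. The sketch below is an added example, not Blue Coat's tooling: it scans web proxy logs for clients that speak WebDAV-specific verbs to a watched cloud storage domain and totals what they upload. The log layout, the sample lines and the placeholder domain `storage.example` are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Verbs defined by WebDAV (RFC 4918); ordinary web browsing does not use them.
WEBDAV_VERBS = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}
# Assumption: placeholder for the cloud storage domain(s) you want to watch.
WATCHED_SUFFIXES = ("storage.example",)

# Constructed sample proxy log: time client method url status bytes_sent
SAMPLE_LOG = """\
2014-12-09T08:01:12 10.0.4.17 GET https://www.example.org/index.html 200 0
2014-12-09T08:01:40 10.0.4.23 PROPFIND https://dav.storage.example/acct/ 207 0
2014-12-09T08:01:41 10.0.4.23 MKCOL https://dav.storage.example/acct/out/ 201 0
2014-12-09T08:01:43 10.0.4.23 PUT https://dav.storage.example/acct/out/a.bin 201 18432
2014-12-09T08:02:10 10.0.4.23 PUT https://dav.storage.example/acct/out/b.bin 201 2048
2014-12-09T08:03:00 10.0.4.31 GET https://www.storage.example/pricing 200 0
2014-12-09T08:03:05 10.0.4.31 PUT https://api.other.example/upload 200 500
2014-12-09T08:04:00 10.0.4.40 PROPFIND https://notstorage.example/x 207 0
"""

def flag_webdav_clients(log_text, watched=WATCHED_SUFFIXES):
    """Return {client: {"verbs": set, "put_bytes": int}} for WebDAV use of watched hosts."""
    seen = defaultdict(lambda: {"verbs": set(), "put_bytes": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed lines
        _, client, method, url, _, sent = parts
        host = (urlsplit(url).hostname or "").lower()
        # Match the domain itself or a true subdomain, not a look-alike suffix.
        if not any(host == s or host.endswith("." + s) for s in watched):
            continue
        method = method.upper()
        if method in WEBDAV_VERBS:
            seen[client]["verbs"].add(method)
        elif method == "PUT" and sent.isdigit():
            seen[client]["put_bytes"] += int(sent)
    # PUT alone is common; report only clients that also used a WebDAV-only verb.
    return {c: v for c, v in seen.items() if v["verbs"]}

if __name__ == "__main__":
    for client, info in flag_webdav_clients(SAMPLE_LOG).items():
        print(client, sorted(info["verbs"]), info["put_bytes"], "bytes uploaded")
```

Legitimate sync clients also use WebDAV, so hits are leads to correlate with the originating process and user rather than verdicts.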

The attackers have also designed malware to target BlackBerry, Android and iOS devices in addition to PCs.

SecurityWeek reported on 10th December, 2014, quoting Waylon Grange, Senior Malware Researcher at Blue Coat, as saying, "Depending on the characteristics of the attack and affected persons connected with national political, military and economic benefits, the group behind the origin could be a medium-sized country or may be a professional and resourceful private entity."

» SPAMfighter News - 12/20/2014
