Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Cyber-Espionage Gang Employing Exploits after Repurposing them, Caution Security Specialists

According to security specialists, one prominent cyber-espionage gang that steals attack codes of Hacking Team has been making newer uses of them in assaults against corporate executives halting in luxury hotels, thus reported wired.co.uk, August 10, 2015.

The gang, which's nicknamed "Darkhotel," is known to attack since 2007 utilizing different spear-phishing mechanisms.

Darkhotel's hacking assaults presently rely on zero-day security flaw within Flash Player of Adobe which earlier was used in the spyware services of Hacking Team. By utilizing certain hijacked website, Darkhotel hackers have been contaminating target PCs with aid of the Adobe flaw.

Kaspersky the online security company after trying to trace Darkhotel's presence ever-since 2014, states that the hackers began exploiting the 0-day of Hacking Team nearly instantly following its leakage on July 5.

According to Kaspersky's Lab, Darkhotel certainly didn't act as Hacking Team's client. Along with the Hacking Team's attack code, there was as well one Flash exploit the website served during April after its notification to Adobe during January 2014 which Darkhotel utilized same year.

Starting July 22, the website had been activated to thrust the 0-day of Hacking Team through one malevolent .swf file for Flash along with one pictorial file. When in process of attack, the Flash attack code pulls down icon.jpg, the pictorial file that further pulls down other malevolent executables. According to Kaspersky Lab investigators, the dates of the malicious programs are altered and set at 2013 for bewildering investigators.

Further, for interacting with its CnC system, Darkhotel utilizes .hta file that programs malevolent executables on infected PCs, a method Darkhotel has been using since 2010 when North Korean targets were its victims.

Darkhotel mainly attacks by compromising Wi-Fi connections in hotels followed with planting spyware onto target PCs. The gang further utilizes social engineering methods, filched certificates, as also various other 0-day flaws for grabbing victims' secret business details.

However, the gang's biggest arsenal also its efficacious infection technique apparently is spear-phishing.

Principal Security Researcher Kurt Baumgartner at Kaspersky states, it's becoming ever-more essential to spread spear-phishing awareness considering the existence of the above kind of stubborn actors. Scmagazine.com published this, August 10, 2015.

» SPAMfighter News - 8/20/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page