Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

State-Backed Cyber-Actors Utilize Web Analytics to do Surveys, Finds FireEye


FireEye the cyber security company has said that cyber-actors who allegedly get sponsorship from nation-states have been found utilizing web analytic software for executing inspection. Cbronline.com reported this, November 16, 2015.

The company has spotted cyber-actors who've been mixing custom scripts with publicly and freely obtainable software for keeping watch over Internet-users' activities even as they remain unawares.

The data is of Internauts accessing more than 100 websites that as per FireEye got chosen to be compromised for acquiring admission into the systems of the sites' audience.

The sites getting attacked are although legitimate; however, they're selected exclusively. Each of them has an inherent HTML script on its homepage while its subsidiary pages are altered for being compromised again and forming another website which backs certain profiling program called WITCHCOVEN. This program gathers browser and computer configuration of the victim and plants one permanent tracking cookie named "supercookie" onto his system.

FireEye states it believes the con artists examine the gathered database for recognizing distinct end-users who're matched with details regarding their PC for subsequent planting of exploits that are customized to their PC as well as specific software configurations.

To cite an instance, suppose the attackers get to know of a targeted user working with obsolete software which has critical security flaws then they can without any difficulty compromise his system with existing exploits devoid of requiring pushing 0-day exploits. Possibly 0-days are employed solely against a few victims who've all patches on their PCs.

The above tactic was recently utilized within targeted operations that different APT gangs conducted specially, APT28 the Russian gang for Operation Russian Doll and APT3 the Chinese group for Operation Clandestine Wolf.

The data that WITCHCOVEN collected is as well suitable to craft spear phishing electronic mails to create a fake end-user profile for use in conventional cyber-spying while collating a list of probable targets.

A few hijacked online sites indicate that attackers likely are especially interested in people who've links with one prominent energy company/embassies/cultural organizations in Russia, the border guards and security services of Ukraine as well as a media company of the Georgian Republic.

ยป SPAMfighter News - 23-11-2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next