Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Black Atlas campaign Targets SMBs, says Trend Micro

According to Trend Micro the security company, some sophisticated cyber-criminals have changed the function of penetration testing devices for hacking small and medium-size businesses' (SMBs) networks across the world while seeking to infect POS (point of sale) machines with malicious software, published computerworld.com in news on December 3, 2015.

Known as operation Black Atlas (name which security researchers of Trend Micro the anti-virus vendor has given), the latest assault began during September 2015. In this campaign, the attackers employ numerous tools for searching on the Internet to locate possible vulnerable spots within different organizations' computer networks.

The tools mentioned contain brute-force password cracking software, port scanners, remote desktop scanners, Simple Mail Transfer Protocol (SMTP) scanners, as well as more attack applications easily available by searching the Internet.

Researchers at Trend Micro state that networks having easily guessable password practices have the tendency to get victimized during the early penetration testing phase. This early phase uses a "shotgun" strategy for invading PC-networks, since the Black Atlas execution doesn't narrow down on particular targets, however, just examines the ports available on the Internet followed with gaining several targets simultaneously at the end.

Moreover, following utilization of a batch of tools for examining what best way these can invade computers at a reconnaissance or intelligence gathering session, the Black Atlas operators prepared one test plan as well as employed another batch of tools for invading PC-networks. Having invaded, the criminals got to know the environment well enough to begin leveraging their PoS malware.

The malicious programs employed within the Black Atlas operation are different malware samples like of NewPOSThings, Alina, BlackPoS (its other name is Kaptoxa), and Kronos a backdoor Trojan. These malware programs are then joined with botnets namely Diamond Fox and Gorynych for contaminating the POS machines.

Trend Micro states the data Black Atlas stole included Facebook logins, website credentials, while within one specific instance the criminals even compromised one active video feed with the help of a CCTV camera.

The Black Atlas attack infected the systems mostly in USA, Chile, UK, Germany, Taiwan, India and Australia, the security company informs.

» SPAMfighter News - 12/15/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page