Social-Networking Websites being Used for Spreading Malware
Zscaler, in a blog post dated December 10, 2015, cautioned Portuguese-speaking Brazilian internet users that cyber-criminals are using social-engineering tactics to trick them into unknowingly downloading a bank information-stealing Trojan.
By exploiting various social media websites, especially Twitter and Facebook, the cyber-criminals are presenting short web-links, similar to those created with bit.ly, that offer access to free software such as Avast anti-virus and WhatsApp, or to coupon vouchers, the security company states. Reportedly, an enormous number of visitors following the web-links browsed Facebook, itworldcanada.com reported on December 22, 2015.
Facebook's standing as a highly trusted website is what prompted the cyber-criminals to choose it: their main objective was to use its infrastructure to host malicious software and disseminate it among their victims.
According to Zscaler researchers, the first malware pulled down onto victims' computers is a banking downloader Trojan named Spy, while the ultimate payload is Telax, the Spy Banking Trojan, a Delphi executable designed to grab banking credentials.
Once run, Telax attacks the Visual Basic Compiler (VBC) process by injecting malicious code into it. That code first looks for a virtual environment such as VirtualBox, VMware, Virtual PC or Virtual Wine that may be running on the attacked computer. Subsequently, modules look for anti-virus software, plant rootkit drivers and other malware, and then transmit data from the infected computer to the C&C server.
In another, similar attack, cyber-security firm Raytheon Websense cautioned that a website named christmas-graphics-plus.com was presenting free Christmas computer graphics but in fact planted the CryptoWall ransomware via the Angler Exploit Kit. An estimated 60,000 users likely fell victim to the attack, the security firm said.
Moreover, according to Assolini of Kaspersky Lab, cyber-crooks have been using Sugarsync, Dropbox, Google Docs and other platforms to host files, but having Facebook exploited to host the malicious files was new.
Nonetheless, to remain safe from the above kinds of attacks, users need to increase their knowledge of social engineering attacks and deploy robust anti-virus software as their chief safeguards, Assolini recommends.
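As an added illustration (not code from Zscaler, Kaspersky Lab or SPAMfighter), the following Python example triages web-proxy logs for the delivery chain described above: a short link that redirects to a risky file download hosted on a social or file-hosting platform. The log format, the sample lines, the domain lists, the content-type and extension lists and all function names are assumptions constructed for this example.

```python
from urllib.parse import urlparse

# Assumed watch lists, based on the shortener and platforms the article names.
SHORTENERS = {"bit.ly"}
FILE_HOSTS = {"facebook.com", "dropbox.com", "docs.google.com", "sugarsync.com"}
RISKY_TYPES = {"application/x-msdownload", "application/octet-stream"}
RISKY_EXTS = (".exe", ".scr", ".com", ".zip")

# Constructed proxy log: time client status url content_type redirect_target
SAMPLE_LOG = """\
10:01:02 10.0.0.5 301 http://bit.ly/EXAMPLE1 - https://www.facebook.com/download/EXAMPLE/avast_free.zip
10:01:03 10.0.0.5 200 https://www.facebook.com/download/EXAMPLE/avast_free.zip application/octet-stream -
10:02:10 10.0.0.7 301 http://bit.ly/EXAMPLE2 - https://www.facebook.com/events/EXAMPLE
10:02:11 10.0.0.7 200 https://www.facebook.com/events/EXAMPLE text/html -
10:03:40 10.0.0.9 200 https://www.dropbox.com/s/EXAMPLE/report.pdf application/pdf -
"""

def host_in(url, domains):
    """True if the URL's host is one of the domains or a subdomain of one."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in domains)

def looks_risky(url, ctype):
    """True if the response looks like a binary or archive download."""
    path = urlparse(url).path.lower()
    return ctype.lower() in RISKY_TYPES or path.endswith(RISKY_EXTS)

def find_shortlink_downloads(log_text):
    """Flag risky downloads from file hosts that were reached via a short link."""
    pending = {}  # (client, redirect target) -> short URL that led there
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed lines
        ts, client, status, url, ctype, target = parts
        if status in ("301", "302") and host_in(url, SHORTENERS) and target != "-":
            pending[(client, target)] = url
        elif status == "200" and (client, url) in pending:
            short = pending.pop((client, url))
            if host_in(url, FILE_HOSTS) and looks_risky(url, ctype):
                alerts.append({"time": ts, "client": client,
                               "short_url": short, "download": url})
    return alerts

if __name__ == "__main__":
    for alert in find_shortlink_downloads(SAMPLE_LOG):
        print(alert)
```

Only the first client is flagged: the second followed a short link to an ordinary Facebook page, and the third downloaded a PDF directly without a short-link hop.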
» SPAMfighter News - 28-12-2015