Netrepser Malware Steals Intelligence from Government Organizations
Security researchers from the cyber security company BitDefender recently detected a new targeted attack that they named Netrepser. The threat is unique in that it was built from readily available software tools, unlike other Advanced Persistent Threats (APTs).
Netrepser aims to steal databases from government organizations. While nothing is known about the organizations that were attacked, Netrepser employs several techniques to obtain its victims' information, ranging from keylogging and cookie theft to password theft.
The malware is easily paired with sophisticated spear-phishing methods for gathering intelligence, which has prompted BitDefender to assume that Netrepser belongs to a high-level attack scheme.
According to the security company, the malware's somewhat unusual construction could easily have led to it being classified as a routine threat, like the many that firms and companies block every day. However, it is more complex than much of that other malware because of the range of techniques it uses for stealing information such as cookies and passwords, and for intercepting keystrokes.
At its core, as BitDefender suggests, the tool has a legitimate though controversial recovery kit provided by Nirsoft. Theinquirer.net published this online on May 9, 2017.
Nirsoft is a provider of specialized applications whose products are used for recovering cached passwords or monitoring network traffic. The apps work through powerful command-line interfaces that can be instructed to run entirely invisibly in the background. Reportedly, the initial assessment detected 500 bots; the targets were solely government organizations and agencies; and early strains of the malware were noticed during May 2016.
Incidentally, the Netrepser attack is not an opportunistic one but an organized espionage scheme with many redundancies and, ultimately, a tactic for deterring forensic examinations aimed at recovering evidence.
Over time, the Netrepser gang has hacked some 500 PCs and exfiltrated login credentials, documents and other intelligence items, the total count of which is unknown. The operations started in May last year. According to BitDefender, due to the nature of the attacks, it was not possible to attribute them to anyone without resorting to speculation.
» SPAMfighter News - 5/16/2017