
Kaspersky Lab's Global Research and Analysis Team has published a report on a sophisticated new cyber espionage operation. The malware's targets are believed to include the White House and the United States Department of State. Other targets of these attacks include government organizations and commercial enterprises in Germany, South Korea and Uzbekistan, as well as key executives.
According to Kaspersky, these attacks use cryptography and anti-detection capabilities. For example, the code checks for the presence of several security products in order to try to evade them.
Kaspersky Lab security experts found strong malicious program functionality, as well as structural similarities between this threat and the MiniDuke, CosmicDuke and OnionDuke cyber espionage operations. The operation, according to a number of indicators, is believed to be performed by actors from Russia.
Kaspersky Lab observations indicate that MiniDuke and CosmicDuke are still active and are targeting diplomatic organizations and embassies, energy, oil and gas companies, telecommunications, military, and academic and research institutions in a number of countries.
Distribution Method
The actor behind CozyDuke often spearphishes targets by sending an email that contains a link to a hacked website. In other operations, the perpetrator sends fake Flash videos with malicious executables included as email attachments.
CozyDuke uses a backdoor and a dropper. The malicious program sends information about the target to the command and control server, and retrieves configuration files and additional modules to carry out any additional functions required by the attacker.
Tips For Internet Users
- Do not open attachments and links from people you do not know.
- Regularly scan your PC with a sophisticated anti-malware solution.
- Beware of ZIP archives with SFX files in them.
- If you are not sure about an attachment, try opening it in a sandbox.
- Make sure you have a modern operating system with all patches installed.
- Update all third-party applications such as Microsoft Office, Java, Adobe Flash Player and Adobe Reader.
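The tip about ZIP archives with SFX files can be checked before anything is opened. The following is an added example, not code from Kaspersky's report or from this article: a heuristic triage of a ZIP attachment that flags members which are Windows executables, look like self-extractors, or hide behind a double extension. The extension list, the size cap and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

EXEC_EXTS = (".exe", ".scr", ".com", ".pif")  # constructed, non-exhaustive
# Magic bytes of archives that an SFX stub carries appended to itself.
ARCHIVE_MAGICS = (b"Rar!\x1a\x07", b"PK\x03\x04", b"7z\xbc\xaf\x27\x1c")
MAX_BYTES = 32 * 1024 * 1024  # per-member read cap, guards against zip bombs


def inspect_zip(data):
    """Return {member name: [reasons]} for members that deserve a closer look."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            reasons = []
            base = info.filename.rsplit("/", 1)[-1].lower()
            if info.flag_bits & 0x1:
                reasons.append("encrypted member, content not inspected")
            else:
                with zf.open(info) as fh:
                    body = fh.read(MAX_BYTES)
                if body[:2] == b"MZ":
                    reasons.append("Windows executable (MZ header)")
                    if any(body.find(m, 2) != -1 for m in ARCHIVE_MAGICS):
                        reasons.append("archive signature inside executable: possible SFX")
                    if not base.endswith(EXEC_EXTS):
                        reasons.append("executable content under a non-executable name")
            if base.endswith(EXEC_EXTS) and base.count(".") > 1:
                reasons.append("double extension")
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample():
    """Constructed test archive: harmless bytes that only mimic the file layout."""
    fake_sfx = b"MZ" + b"\x00" * 64 + b"Rar!\x1a\x07\x00" + b"constructed payload"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "plain text")
        zf.writestr("clip.flv.exe", fake_sfx)
        zf.writestr("photo.jpg", b"MZ" + b"\x00" * 32)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reasons in inspect_zip(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

A hit is a reason to move the file to a sandbox, not proof of malice: legitimate installers are also self-extracting executables, and a signature match inside a binary can be coincidental.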