Support our Sponsors


uClip Clipping Path Service



Main Menu
Home
News
Blog
Links
Search
Resources
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions
Login



Syndicate
feed-image Feed Entries

spamNEWS | botnet | phising | virus | spam | mallware
Drones Imagined as Planting Spyware from Distance onto Targeted PCs PDF Print E-mail
Written by Administrator   
Wednesday, 29 July 2015 07:00

The Intercept in one fresh report by it tells how the government has thought of one fresh method to plant spyware onto end-users' PCs viz. with the help of drone. Pcmag.com reported this, July 21, 2015.

According to electronic mails circulated internally at Hacking Team a notorious company, it had been discussing with a supplementary institute named Boeing that manufactures various kinds of unmanned systems, how a technique could be developed for contaminating PCs via drone.

The institute's blueprint explained within Hacking Team's roadmap for different projects indicates that a specialist would be handling a project related to developing one low-weight, tiny PC which will contain weaponized code while journeying on certain drone of Boeing.

Within one internally circulated e-mail, an account manager of Hacking Team says the project is possibly by utilizing one Tactical Network Injector (TNI). A laptop-based and so one tangible device, a TNI would have its operator insert the device inside the network a target is working with, often exposed Wi-Fi network inside any coffee shop or hotel. So whilst the targeted user goes online for any routine task, like downloading an application alternatively seeing a movie clip, the device would tap the resulting traffic, which however, shouldn't be encrypted, followed with inserting the weaponized code that'd clandestinely plant the spyware of Hacking Team. Firstlook.org reported this, July 18, 2015.

Expectedly, by appending to the drone one tiny network injector, the Wi-Fi network could be struck from above, alternatively from afar. There wouldn't be any need for the system mechanist towards getting close to the target physically.

Disturbingly, the mechanism's impact can be enormous, albeit it isn't clear to what extent the project has progressed.

During past few years when digital security and human rights activists discovered evidences of Hacking Team's spying software on political activists' and journalists' PCs in Morocco, Ethiopia and other countries, Hacking Team acquired notoriety. From the leaked documents reported lately, it's certain that Hacking Team traded its spyware with several nations, which had records of questionable human rights, and with US agencies too although it's yet legally controversial whether such spyware can be used in the country.

Read more... - Drones Imagined as P...
 
South Korea, Major Client of Hacking Team for Spyware PDF Print E-mail
Written by Administrator   
Wednesday, 29 July 2015 07:00

According to recent revelations from leaked e-mails, South Korea, among other countries, was a buyer of spyware that Hacking Team a notorious Italian company sold. Seoul, which historically has been practicing military dictatorship, the purchase of the spyware shows that it's yet again building police state. Wsws.org published this dated July 16, 2015.

A detailed description of various communications and sales by Hacking Team have become obtainable from the company's files that got exposed on the Internet on July 5, 2015 and which WikiLeaks the whistle-blowing site subsequently posted. The files indicated that the 5163 Army Division of South Korea (SK), during January 2012, had bought the RCS (Remote Control System) spyware while kept on making contacts with Hacking Team till January 2015. To deliver RCS onto targets' machines, pornography, poisoned documents along with malevolent web-links are combined, as per the exposed electronic mails. Programs that booby-trap on vulnerable applications can be customized and sent onto targets' PCs.

One local daily reported that the NIS (National Intelligence Service) placed one product order for purchasing the illegal software, alternatively toolkits for spyware, to send to thirty more targets during December 2012 via one area technology firm. It was a politically sensitive period when just eleven days were left for the presidential election of high competition.

Hacking Team, to contaminate PCs and smart-phones, propagated the RCS while users remained unaware of the contaminations, as well as used the System for monitoring computers, messaging applications, phone calls and more.

The powerful NIS of SK reportedly used the government's 5163 Army Division for concealing the intelligence services' overseas activities.

Soon suspicion grew on NIS that it employed the eavesdropping methodology, and the agency admitted buying of the spyware. But it explained the purchase was done for examining cyber-warfare technology in the backdrop of North Korea (NK) acquiring South Koreans' financial data via hacking approximately 25,000 phones there.

No doubt SK has been victimized with several cyber-assaults from NK during recent years, which Pyongyang however, overruled; still NIS' explanation doesn't fully remove escalated doubts that the spyware's employment for hacking might've had association with illegitimate operations.

Read more... - South Korea, Major C...
 
TeslaCrypt Ransomware Wreaking Havoc in Indian Cities PDF Print E-mail
Written by Administrator   
Tuesday, 28 July 2015 09:00

Security experts have detected one fresh variant of TeslaCrypt an infamous ransomware compromising end-user's computer till he pays money demanded as ransom. TeslaCrypt of version 2.0 belongs to an encryptor family and notoriously contaminates gamers' PCs; published The Times of India dated July 19, 2015.

Currently, TeslaCrypt 2.0 is attacking Internet-based businesses and consumers through electronic mail attachments from where the malware is unleashed for blocking end-user from accessing his system till he pays the ransom money. In case of delay in the payment, which should be in dollars, the ransom demanded gets twofold.

TeslaCrypt began contaminating computers within Southeast Asia, Europe and U.S. From there it spread across India, particularly Mumbai and Delhi. During 2015, the ransomware targeted 2 business-owners from Agra who were demanded of a $10,000-and-more ransom sum.

According to Nitin Kasan, Cyber-Cell In-Charge in Agra, during January-June 2015, there were dual instances in the city when the malicious program encrypted critical data-files of the victims followed with blackmailing them towards paying a ransom in return for decrypting those files. The Times of India reported this.

Another victim, Sandeep Gupta, owner of a company in Agra that exports handicraft items, said that during February, his e-mails and company website that had essential shopper information and transaction details became inaccessible when certain unfamiliar hacker from Nigeria blocked them. Bharatpress.com reported this, July 20, 2015.

Gupta described the hackers as forcing him towards agreeing to pay $10,000, with the message threatening that his information would be destroyed if he didn't pay. Gupta stated that he contacted the police cyber-cell of Agra for help so his e-mail account and website could be restored.

South Asia in-charge Managing Director Altaf Halde of Kaspersky Lab the first person to identify TeslaCrypt explains ransomware as a malicious program which extorts digitally. Any entity from an ordinary shopper to a small firm or giant company could be victimized with ransomware. Usually, e-mail with a picture, a zipped folder or an .exe file in an attachment is used for the attack. Opening such an attachment results in the deployment of the malware onto the end-user's computer, Halde tells. Bharatpress.com reported this.

Read more... - TeslaCrypt Ransomwar...
 
WikiLeaks’ Exposed Stratfor Trove Maligned with Malware PDF Print E-mail
Written by Administrator   
Tuesday, 28 July 2015 09:00

A system administrator Josh Wieder who recently visited WikiLeaks discovered malware laced into documents of the publicly exposed Stratfor, stated techworm.net dated July 19, 2015.

Austin, Texas (US) situated American think tank, Stratfor that handles security issues, during late 2011, became victim of a hack by Jeremy Hammond. Hammond the hacker forwarded the e-mail archive of the company to WikiLeaks during early the next year. WikiLeaks, as it handles any other leaked file coming into its grip, publicized the dump.

Wieder scanned all the 5m electronic mails dumped together just for discovering malicious software inside most of the files.

In a blog post, Wieder described the data as truly enormous, more than 5.5m e-mails. The dump was probably so enormous that 2-yrs weren't enough for accurately examining as well as cleansing the documents before they were wholly published during 2014 (from the year 2012 when WL received them). Techworm.net published this, July 19, 2015.

Further as per Wieder, plentiful malware got illegally included as PE/OLE files else VBScript macros. It was probable that more contaminated documents were hanging about inside WikiLeaks' dump of unfiltered folders. The Register reported this, July 17, 2015.

As an instance of the above, the February 2011 dated internal memo regarding Libya's conflict-torn regions of Tripolitania and Cyrenaica had an attached Word file, which indicated presence of malware when examined with VirusTotal, as there was one code-execution attack code inside it for the CVE-2010-3333 vulnerability in Mac and Windows (Microsoft Office).

Wieder has prepared one catalog of Stratfor electronic mails that carry the malware described.

He says he discovered eighteen active malware strains inside the e-mail dump, the majority of which had Word, Excel or PDF files implanted. One malware strain had been created for plucking user registration details from applications. These were addresses and names that were then sent over the Internet onto a remote system.

The Sysadmin further states he has been asking the whistle blowing WikiLeaks site for getting the database sanitized. According to him, no reputable news website would be expected to harbor malware-laced documents, therefore WikiLeaks that claims to be accountable, should not either.

Read more... - WikiLeaks’ Exposed...
 
Fresh GamaPoS Malicious Program Disseminated through Andromeda Botnet PDF Print E-mail
Written by Administrator   
Monday, 27 July 2015 07:00

According to Trend Micro the security company, cyber-crooks are hunting PoS (point-of-sale) computers for contaminating with their fresh GamaPoS malware, which digs into computer memory, and is being disseminated via Andromeda a massive sized army of bots with an existence from 2011.

Since long, attackers have been practicing contamination of PoS devices via guessing alternatively, seizing credentials that help gain access remotely. In continuation of that, a large numbers of PoS hacks during past few years have led several companies towards adopting security measures for their processes of remote accession. Consequently, cyber-crooks don't find this attack medium lucrative enough.

This perhaps is the reason why the gang perpetrating GamaPoS is doing it by a separate tactic. Rather than directly attack point-of-sale devices through the Internet the perpetrators are reaching them through the trustworthy inside PC-networks of organizations.

The assaults begin with spam mails carrying the malware and posing as containing documents, which comply with the Payment Card Industry Data Security Standard (PCI DSS), else software updates essential for safeguarding computers from the lately unearthed malicious program MalumPs. There are malevolent macros inside the attachments which plant backdoor for delivering the GamaPoS.

Trend Micro states that the above description implies that the assault executes one spam run for spreading Andromeda backdoors, contaminates PCs with malicious PoS program, followed with expecting seizure of target PoS devices from among massive volumes. As per approximate computations, GamaPoS may've just struck 3.8% of the systems impacted with Andromeda, the security company adds. Securityaffairs.com published this, July 17, 2015.

Trend Micro's researchers further found that the miscreants employed the backdoor for taking down programs with which other computers of the impacted PC-networks could be hacked followed with making lateral movements thereafter.

The malware reportedly contaminated computers within various industries such as consumer electronics, online retail and home healthcare. Several organizations in USA and a few in Canada's Vancouver province too may've been impacted.

Enterprises, which utilize payment cards like Maestro and Discovery are endangered with losing the sensitive information of their customers, caution the researchers, while recommend deployment of proper spam filters which scan attachments for malware.

Read more... - Fresh GamaPoS Malici...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1295
Polls
The Spamproblem is
 
Who's online
We have 130 guests and 1 member online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us