Hackers exploit news items for new wave of attacks

By Rodney Appleyard

Jul 04, 2005: An analysis of malware trends during June has revealed that hackers around the world are employing new tactics to attack computer systems, including exploitation of news items, spamming Trojans, focused attacks and Rootkits.

A review carried out by Fortinet, a provider of antivirus firewalls, has discovered that hackers are turning to social engineering tactics more than ever to exploit news events.

One spam, for example, announced the capture of Osama Bin Laden:

"Subject: Finally! Captured!

"Turn on your TV. Osama Bin Laden has been captured. While CNN has no pictures at this point of time, the military channel (PPV) released some pictures. I managed to capture a couple of these pictures off my TV. Ive attached a slideshow containing all the pictures I managed to capture. I apologise for the low quality, it's the best I could do at this point of time. Hopefully CNN will have pictures and a video soon. God bless the USA! Stephen Christensen."

The attachment contained a Trojan that the user would unwittingly install on the computer system if he/she clicked on it.

Here is another one used recently:

"Subject: Re: Suicidal attempt

"Message text:Last night, while in his Neverland Ranch, Michael Jackson has made a suicidal attempt. They suggest this attempt follows the last claim was made against the king of pop. 46 years old Michael has left a suicide note which describes and interpretes some of his sins.

"Read more..."

The user is invited to click on a link, which leads to a web page loaded with browser exploits that can install malware on the computer if he/she is using an unpatched browser.

Focused attacks are on the increase too, with a lot of attention turning to an Israeli Trojan launched in June. It was made specifically to get in through the backdoor of one particular company in Israel and steal confidential documents and data, and this narrow targeting made it undetectable.

According to Fortinet, Rootkits are on the increase too. These are malware designed to hide items on an IT system (such as files, folders, or processes) from regular users. Some inject malicious code into all running processes, meaning that when a request is made for a list of files in a folder, for example, the operating system's response is intercepted and falsified.

Guillaume Lovet, the team leader of the threat response team at Fortinet, said that forensic specialists claim that once your PC has been infected by a Rootkit, total recovery is virtually impossible, so such attacks are better stopped at the network edge.

"The malware trends detected this month demonstrate the need for protection at the network level. Gone are the days when a one-axis solution was sufficient. The blended nature of today's threats calls for a blended solution, incorporating multiple functionality."
