malware

New Malware - PoS Trojan

According to researchers from the antivirus firm Dr. Web, a piece of malware is designed to infect point-of-sale (PoS) terminals and is capable of intercepting GET and POST requests sent from Web browsers on infected machines. The Trojan can modify the registry branch responsible for autorun on infected PoS terminals. It can also check the device's RAM for credit card information and steal data from the Microsoft Mail application, as well as FTP login credentials.
Dr. Web also explains that the commands supported by the Trojan include CMD (forward the command to the interpreter - cmd.exe), UPDATE, FIND (search for documents using a mask), DDoS (mount an HTTP Flood attack), and rate (set a time interval for communication with the command and control server). The Trojan borrows code from the previously discovered Dexter malware, which targets PoS terminals, while its architecture looks similar to that of Neutrino, though it is rather a downsized version of the latter.

Stealing Data By 'Living Off The Land'

Hackers' latest tactic involves a malware-free attack using a company's own system credentials and admin tools to gain access.

Organizations should be on the alert for adversaries attempting to breach their computer systems by using little or no malware in their attacks, warns Dell SecureWorks' Counter Threat Unit (CTU) senior researcher Phil Burdette.
According to Burdette, cyber criminals are using the target company's own system credentials and legitimate software administration tools to move freely throughout their network, infecting and collecting valuable data. Burdette, who is part of the CTU operations team, says this has been the method used to gain access to networks in nearly all of the intrusions responded to by the Incident Response Team over the past year.
The CTU has coined a name for this tactic: living off the land.

Apple: sour or still sweet? KeyRaider infects 'jailbroken' Apple iPhone users in 18 countries

Recently, malware named 'KeyRaider' compromised 225,000 Apple iPhone user accounts. This is considered to be one of the biggest attacks against the firm's user base. KeyRaider, a new strain of malware identified by researchers at Palo Alto Networks, affects only jailbroken devices, the researchers said. Traces of distribution of this malware have been found in 18 countries so far. The malware also acts as ransomware: it can send a notification message demanding a ransom directly, using the stolen certificate and private key, without going through Apple's push server.

Digital Forensic analysis of malware infected machine – Case study

Internet banking has created a convenient way for us to handle our business without leaving our home. Man-in-the-browser is a form of security threat in which a proxy Trojan infects a web browser by taking advantage of vulnerabilities in browser security and modifies web pages or transaction content, or inserts additional transactions, all in a completely covert fashion invisible to the user and the web application host. Carberp, Silent Banker, SpyEye and Zeus are the most important man-in-the-browser Trojans developed to target the banking and financial industry. Zeus, nicknamed “the king of banking Trojan” and the first known piece of malware sold via license till 2011, entered the malware scene in 2007. Zeus can infect Windows PCs running the IE and Firefox browsers. The mobile variant, called ZitMo (Zeus in the mobile), entered the market in 2012; it has the ability to infect Windows, Android, Symbian and BlackBerry OS and defeats SMS-based banking “out of band” two-factor authentication.

Cross Channel Fraud

With access to sensitive customer information and assets, the banking and financial services sector has traditionally been a target for fraudsters. The evolving fraud landscape, characterized by individual fraudsters turning into hacker syndicates, and their use of a variety of sophisticated tools to remain a step ahead of enterprise security measures, poses significant threats to banks. The widespread use of multi-channel banking has expanded the attack surface of banks and created fresh fraud prevention challenges for individual channels. As a result, banks are witnessing rising instances of fraud across products and channels, which are adversely impacting organizational credibility and reputation. Cross-channel fraud is a threat, and it underscores the need for banks to deploy robust defense mechanisms, such as automated detection systems that monitor suspicious activities and initiate corrective actions.
