The hackers, who mostly targeted victims in Hong Kong, also hijacked Microsoft's trust model to make their malware harder to detect.
chain attack, in which hackers corrupt a legitimate application to push out their malware to hundreds or potentially thousands of victims, represents a disturbing new outbreak of a cybersecurity scourge. But when thatis pulled off by a mysterious group of hackers, abusing a Microsoft trusted software model to make their malware pose as legitimate, it represents a dangerous and potentially new adversary worth watching.
Beyond the usual disturbing breach of trust in legitimate software that occurs in every software supply chain, Symantec says, the hackers also managed to get their malicious code—a backdoor known as Korplug or PlugX and commonly used by Chinese hackers—digitally signed by Microsoft. The signature, which Microsoft typically uses to designate trusted code, made the malware far harder to detect.
Cobra DocGuard, which is ironically marketed as security software for encrypting and protecting files based on a system of users' privileges inside an organization, has around 2,000 users, according to Symantec. So the fact that the hackers chose just 100 or so machines on which to install their malware—capable of everything from running commands to recording keystrokes—suggests that CarderBee may have combed thousands of potential victims to specifically target those users, O’Brien argues.
Deutschland Neuesten Nachrichten, Deutschland Schlagzeilen
Similar News:Sie können auch ähnliche Nachrichten wie diese lesen, die wir aus anderen Nachrichtenquellen gesammelt haben.
Perpetua wins new DoD award to push antimony trisulphide supply chain at StibniteUS-headquartered Perpetua Resources on Monday announced a new award from the Department of Defense (DoD) for up to $15.5-million to demonstrate a fully domestic antimony trisulphide supply chain using ore from the Stibnite site. The Ordinance Technology Initiative Agreement (OTIA) falls under the Prototype Other Transaction authority of the DoD.
Weiterlesen »
Ralph Lauren probed over alleged labor violationsU.S. fashion group Ralph Lauren is at the center of a supply chain infringement case.
Weiterlesen »
| A new attack on trans chess players worsens the game's gender problemNew restrictions imposed by the game's international governing body vividly demonstrate the links between misogyny and transphobia.
Weiterlesen »
Who is Bernardo Arevalo, Guatemala's new president promising 'new spring'?The 64-year-old sociologist and son of an ex-president secured a come-from-behind victory after trailing by a wide margin before the first round of voting in June.
Weiterlesen »
Jon Batiste on his new album, World Music Radio, and discovering new soundsBatiste explains the concept behind World Music Radio
Weiterlesen »