Clandestine Fox hackers spreading malware via Facebook, Twitter and LinkedIn

Social Media
The hacker group behind a notorious campaign targeting a critical vulnerability affecting multiple versions of Microsoft Internet Explorer has altered its strategy to spread malware using social media, according to security firm FireEye.

FireEye senior threat analyst Mike Scott reported the Clandestine Fox hackers altered their attack strategy after Microsoft issued a patch for the IE flaw, in a blog post. Scott said FireEye uncovered the new attack campaign after detecting a number of malicious social network messages targeting its customers.

"The attackers used a combination of direct contact via social networks as well as contact via email, to communicate with their intended targets and send malicious attachments. In addition, in almost all cases, the attackers used the target's personal email address, rather than his or her work address," read the post.
"This could be by design, with a view toward circumventing the more comprehensive email security technologies that most companies have deployed, or also due to many people having their social network accounts linked to their personal rather than work email addresses."

FireEye director of technology strategy Jason Steer told V3 while the Clandestine Fox strikes are only targeting very specific groups, the effectiveness of the tactic means it is only a matter of time before the wider crime community learns from them.

"Sites like Facebook and LinkedIn are prime sites to look for and target people. If you create a fake profile with a throwaway email account you can be anyone you like and if you access it via Tor no one knows where you connect from either and hence hard to trace back. Then you connect with the target," he said.

"These types of attacks will be reused and recycled into attacks by other gangs in the cybercrime industry as the effectiveness of their APT-style attacks slows. It will then be used by hacktivists, lone hackers and then by general cyber criminals all looking to use their hack against targets of interest or finally against the general man on the street."

Steer recommended... Read the rest of this post --->
Share on Google Plus

About Doru Somcutean

Hello, my name is Somcutean Doru and I'm from Romania.

I really like to read reviews and see what's new about technology, on D-BLOG I share with you articles/reviews that I find interesting. I also write some reviews in romanian...

My second blog is D-NEWS , here are some movie reviews , my favorite songs or clips that I like...is more like a personal blog...so please don't get in because you'll get really bored.

I hope you like it!

0 comentarii:

Post a Comment