Posted on Aug 31, 2017
Neutrino to Jimmy, a Malware Evolution. A few months ago, Kaspersky provided an analysis of a banking trojan called Neutrino, and this week they dive into its evolution, which they call Jimmy. The malware strain has evolved from straight-up banking card stealing to being able to load remote modules to perform a number of tasks, including cryptocurrency mining and web traffic injection.
Kaspersky reports on Russian hacking toolkit. This week, Kaspersky also revealed the existence of Whitebear, a hacking toolkit apparently in use by the Russian-speaking Turla group to target embassies and other diplomatic-related targets. There is some speculation around why Kaspersky, a Russian company, would release information around this toolkit. Is it already burned? Has it been neutralized? Are they attempting to distance themselves from the Kremlin? Don your tinfoil hats and read on.
DDoS Providers Collaborate to Identify and Neutralize Botnet. A large number of security companies, including direct competitors, collaborated this year to take down a botnet by the name of ‘WireX’. WireX was actually a mobile botnet, caused by ~300 malicious apps in the Android store, and believed to be installed on at least 70k devices. Google has since removed the malicious apps and has been cleaning up client devices.
Malware making made easy. In other Android news, a new ransomware toolkit has been released that allows anyone to create an Android ransomware app in just a few clicks. Expect more stories of app store removals in the future.
IoT Credential Leak. A number of IoT device credentials were discovered online last week, totalling at most ~8K unique hosts. Researchers have determined that fewer than 2K were still accessible, which is a minuscule amount that may be added to a botnet, but still cause for concern for whoever owns the devices. Also of interest is that the list allegedly consisted of 144 credential combos, up from the 60 that were initially used by Mirai. This discovery prompted security researchers to put an insecure device on the internet and observe what happens, resulting in the device being exploited approximately once every 2 minutes over the course of 44 hours.
RAT Provided For Free. A RAT builder named Cobain made the rounds underground recently, as it was being offered for free. This turned out to be because the builder itself had a backdoor. This is another example of “when something is free, you are the product.”
711 million record spam list makes the rounds. You may have heard about the massive spam list this week, composed of 711 million records. Troy Hunt, in his usual style, breaks down what is in the dataset and what it means.