User Login    
 + Register
News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27 (559 reads) News by the same author

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?
Click to see original Image in a new window

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."

Printer Friendly Page Send this Story to a Friend Create a PDF from the article


Other articles
2015/7/31 6:50:00 - Chillicothe To Receive New 79 Room Hotel
2015/7/31 6:40:00 - Rabbit, Poultry And Dairy Show Results From NCM Fair
2015/7/31 4:53:31 - Wheat Yields Good In MU Variety Tests
2015/7/31 4:48:25 - Carthage Couple To Stand Trial In Abuse Of 1-Month-Old Baby
2015/7/31 4:39:49 - Feds: Man's Own Security System Caught Him Dealing Drugs
2015/7/31 4:35:24 - Woman Rushes To Ailing Mom's Side, Leaves 4 Young Children Home Alone
2015/7/31 4:26:49 - Harrison County Man Arrested For Abuse After Child Found On Highway
2015/7/31 4:21:54 - "Exorcism" At Public Park Caught On Camera
2015/7/31 4:18:14 - Woman Accused Of Getting 13-Year-Old Drunk, Raping Him
2015/7/31 4:09:51 - Country Showdown Begins At 7:30 Tonight At NCM Fair
2015/7/31 4:03:01 - Livingston County Sheriff Hires New Deputy
2015/7/31 3:59:24 - Chillicothe Police Department Blotter
2015/7/31 3:57:05 - Chillicothe Police Department To Hold Softball Event
2015/7/30 14:21:48 - Endangered Person Advisory Issued For Missing Princeton Girl
2015/7/30 7:54:33 - Circuit Court In Trenton Sees A Variety Of Cases
2015/7/30 6:46:10 - Northwest Missouri Man Injured In Tuesday Night Accident
2015/7/30 6:40:44 - Two Trenton Residents Injured In Schuyler County Accident
2015/7/30 6:30:00 - Trenton Man Charged With Domestic Assault
2015/7/30 6:26:05 - Iowa Man Injured In Accident South Of Eagleville
2015/7/30 5:58:21 - Swine And Goat Show Results From North Central Missouri Fair
2015/7/30 4:29:28 - Facebook Scam Preyed On Grieving "Angel Mom"
2015/7/30 4:22:43 - Police: Inmate Assaults Missouri Corrections Officers In Escape Attempt
2015/7/30 4:17:44 - Effort Starts To Fight Kansas City's New Minimum Wage Law
2015/7/30 4:12:22 - J. C. Penney Employee: Boss Confronted Her Over Shorts She Bought At Same Store
2015/7/30 4:10:00 - Mother Charged After Toddler Found Unresponsive In Home Filled With Dead And Dying Animals
2015/7/30 3:56:29 - 4 Charged By Police With Burglary At Gallatin
2015/7/29 8:43:48 - Team Farmer Event At North Central Missouri Fair Canceled
2015/7/29 8:39:02 - Gallatin City Council Meets
2015/7/29 8:36:01 - Gallatin Man Arrested On Multiple Counts Of Child Porn
2015/7/29 6:39:38 - Habitat For Humanity To Hold Meeting At Chillicothe



Bookmark this article at these sites

                   

Listen to KTTN-FM