User Login    
 + Register
News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27 (450 reads) News by the same author

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?
Click to see original Image in a new window

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."

Printer Friendly Page Send this Story to a Friend Create a PDF from the article


Other articles
2014/11/27 5:42:55 - School Considered Canceling Nutcracker Trip to Protect Kids From Christmas Tree Exposure
2014/11/27 5:39:25 - Hundreds Of Thousands Without Power Due To East Coast Storm
2014/11/27 4:42:24 - Harrison County Prosecutor-Elect Pleads Guilty In Theft Case
2014/11/26 10:12:40 - Amaren Files Application To Raise Charge On Bills
2014/11/26 10:08:15 - NCMC Board Of Trustees Meeting Report
2014/11/26 9:53:35 - Gallatin Residents To See Increase In Water Bills
2014/11/26 9:50:52 - No Green Card For Lauren Gray: Dancer Leaves For London Saturday
2014/11/26 9:45:04 - Trenton Man Sentenced To Five Years In Prison
2014/11/26 9:42:24 - Missouri Taxpayers Sue Nixon For Common Core Tests
2014/11/26 6:49:29 - Trenton City Council Meeting Report
2014/11/26 4:18:15 - Google's Latest: A Spoon That Steadies Tremors
2014/11/26 4:12:02 - The Forgotten First President (Hint: It wasn't George Washington)
2014/11/26 4:05:51 - Neighbors React To Permit For Controversial Hog Farm
2014/11/26 3:59:19 - Police: Teens Steal From Cancer Patient
2014/11/26 3:55:10 - Salvation Army Revisiting Policy After Family Turned Away Due To Age Of Son
2014/11/25 7:36:07 - University City, Mo. Officer Shot In Chest, Woman Dies
2014/11/25 6:24:44 - Cameron Man Injured In Single Vehicle Accident: Accused Of DUI
2014/11/25 6:22:00 - Lighting Contest To Be Held In Mercer County
2014/11/25 6:20:00 - NCMC Softball Signs Platte County Recruit
2014/11/25 4:35:59 - Man Fighting For His Life After Being Run Over At McDonald's Drive-Thru
2014/11/25 4:23:44 - 17-Year Old Suspect Charged With Murdering His Grandmother Pleads Insanity
2014/11/25 4:20:11 - Missouri Lottery Will Advertise In Fortune Cookies
2014/11/25 4:17:38 - 17-Year Old Arrested: Robbed Shop With Airsoft Gun
2014/11/25 4:09:06 - Family Upset Officers Used Deadly Force Against Suicidal Teen
2014/11/25 4:00:00 - Police: Video Of Officer Shooting 12-Year Old Boy Is 'Clear'
2014/11/25 3:59:18 - With No Indictment, Chaos Fills Ferguson Streets
2014/11/24 17:20:58 - Princeton Boys Seeded #2 For Albany Tournament
2014/11/24 16:50:00 - Milan To Open 2014-2015 Basketball Season At Novinger Tournament
2014/11/24 12:00:25 - Trenton Boys Sweep Cameron Jamboree, Prepare For East Buchanan
2014/11/24 11:32:36 - KC Chiefs Add Receiving Depth, Signing Jason Avant



Bookmark this article at these sites

                   

Listen to KTTN-FM