News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.
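
An added illustration, not part of the original article or Cyphort's report: a keylogger that emails its captures has to open SMTP connections from the infected workstation itself, so defenders can look for internal hosts, other than the sanctioned mail relays, that speak SMTP directly to external servers. The log layout, addresses, and relay list below are constructed assumptions.

```python
import ipaddress

# Assumptions (not from the article): the internal address space, the
# sanctioned mail relays, and an egress log laid out as
# "timestamp src_ip dst_ip dst_port bytes_out".
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
MAIL_RELAYS = {"10.0.5.25"}
SMTP_PORTS = {25, 465, 587}

# Constructed sample egress records (documentation-range external addresses).
SAMPLE_LOG = """\
2014-07-16T04:30:01 10.0.5.25 203.0.113.10 25 18200
2014-07-16T04:31:12 10.0.8.44 198.51.100.7 587 40960
2014-07-16T04:31:40 10.0.8.44 198.51.100.7 587 38912
2014-07-16T04:32:05 10.0.9.17 192.0.2.80 443 5120
2014-07-16T04:33:59 10.0.8.61 10.0.5.25 25 2048
malformed line
"""

def find_direct_smtp(log_text):
    """Summarise internal non-relay hosts sending SMTP straight to the internet."""
    findings = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records instead of failing the whole run
        _, src, dst, port, nbytes = parts
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port, nbytes = int(port), int(nbytes)
        except ValueError:
            continue
        if port not in SMTP_PORTS or src in MAIL_RELAYS:
            continue  # not mail traffic, or the relay doing its normal job
        if src_ip not in INTERNAL_NET or dst_ip in INTERNAL_NET:
            continue  # only internal-to-external flows are of interest
        entry = findings.setdefault(
            src, {"connections": 0, "bytes_out": 0, "destinations": set()})
        entry["connections"] += 1
        entry["bytes_out"] += nbytes
        entry["destinations"].add(dst)
    return findings

if __name__ == "__main__":
    for host, info in find_direct_smtp(SAMPLE_LOG).items():
        print(host, info["connections"], info["bytes_out"], sorted(info["destinations"]))
```

Blocking outbound SMTP at the perimeter for everything except the relays turns the same rule from a detection into a control.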

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."
