News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.
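A defensive illustration of the point above, added here and not taken from Cyphort's post: workstations normally hand mail to a sanctioned relay, so a host that opens SMTP sessions straight to an external server stands out in flow logs. The log format, address ranges and relay address below are assumptions constructed for this example.

```python
import ipaddress
from collections import defaultdict

SMTP_PORTS = {25, 465, 587}            # SMTP, SMTPS, mail submission
# Assumptions for this example: internal address space and sanctioned relays.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
MAIL_RELAYS = {"10.0.5.25"}            # only these hosts may talk SMTP to the outside

# Constructed flow records: time, src_ip, dst_ip, dst_port, bytes_out
SAMPLE_FLOWS = """\
2014-07-10T09:01:12Z 10.0.12.41 10.0.5.25 587 18230
2014-07-10T09:03:40Z 10.0.12.77 203.0.113.20 443 5120
2014-07-10T09:15:02Z 10.0.12.77 198.51.100.9 587 40211
2014-07-10T09:45:03Z 10.0.12.77 198.51.100.9 587 38990
2014-07-10T10:02:19Z 10.0.5.25 192.0.2.14 25 91022
2014-07-10T10:15:04Z 10.0.12.77 198.51.100.9 587 41877
2014-07-10T11:30:55Z 10.0.30.8 192.0.2.80 25 2048
"""

def parse_flow(line):
    ts, src, dst, port, sent = line.split()
    return ts, src, dst, int(port), int(sent)

def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL_NET

def direct_smtp_senders(flow_text):
    """Summarise internal hosts that speak SMTP to external servers directly."""
    hits = defaultdict(lambda: {"connections": 0, "bytes_out": 0, "servers": set()})
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        _, src, dst, port, sent = parse_flow(line)
        if port not in SMTP_PORTS or src in MAIL_RELAYS:
            continue                    # not SMTP, or a sanctioned relay
        if not is_internal(src) or is_internal(dst):
            continue                    # only internal -> external is of interest
        entry = hits[src]
        entry["connections"] += 1
        entry["bytes_out"] += sent
        entry["servers"].add(dst)
    return dict(hits)

if __name__ == "__main__":
    for host, s in sorted(direct_smtp_senders(SAMPLE_FLOWS).items()):
        print(host, s["connections"], s["bytes_out"], sorted(s["servers"]))
```

Repeated sessions from one workstation to the same external mail server, as 10.0.12.77 shows in the sample, are the pattern worth triaging first; blocking outbound SMTP at the egress firewall for everything except the relay removes the channel altogether.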

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."
