User Login    
 + Register
PDQ Cleaning
News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27 (477 reads) News by the same author

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?
Click to see original Image in a new window

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."

Printer Friendly Page Send this Story to a Friend Create a PDF from the article


Other articles
2015/1/26 10:40:00 - Buchanan County Shooting Kills One, Injures Mid-Buchanan School Nurse
2015/1/26 10:20:04 - KC Royals Invite 25 Players To Major League Spring Training
2015/1/26 10:15:52 - Grundy R-5 Coaches Shows For Monday, 1/26/15
2015/1/26 9:30:00 - NCMC Women Rip First Place In Region 16 From STLCC
2015/1/26 9:20:00 - Princeton Board Of Education Meeting Report
2015/1/26 9:19:58 - NCMC Softball Makes Weydert Signing Official
2015/1/26 9:16:51 - La Plata Man Dies In Saturday Night Accident
2015/1/26 9:13:39 - Mercer's Michaelis Leads Mizzou In Loss To #14 Kentucky
2015/1/26 9:11:38 - One Dead, Six Injured In Head-On Collision Near Orrick
2015/1/26 9:00:00 - Gilman City Girls Grab Big Overtime Win
2015/1/26 8:39:01 - Saturday Night Accident Near Salisbury Injures Four
2015/1/26 8:33:49 - I-35 Accident, Involving A Deer, Injures Iowa Woman
2015/1/26 8:30:41 - Cardinals Sweep Panthers In HDC Doubleheader
2015/1/26 8:22:45 - Princeton Sweeps Milan In KTTN Friday Night Doubleheader
2015/1/26 8:20:00 - Mercer Cardinal Coaches Shows For Monday, 1/26/15
2015/1/26 7:31:52 - Suspect Wanted On First Degree Murder Charges In Ottumwa Arrested
2015/1/26 7:30:00 - Hogs Clip Tigers In Mizzou Arena Nail-Biter
2015/1/26 4:30:00 - Is The Personal Robot Finally Here?
2015/1/26 4:25:12 - Man Transforms His Home Into A Cat Paradise For Maximum Kitty Fun
2015/1/26 4:20:54 - Baby Born In Arizona Without Eyes
2015/1/26 4:11:22 - Man Shot At For Flicking Bright Lights At Driver
2015/1/26 4:06:28 - Deaths By Suicide Appear To Be Increasing Across Missouri
2015/1/26 4:03:00 - 4-Year Old Calls 911, Saves Pregnant Mother And Becomes Big Sister
2015/1/26 3:59:02 - Three Teens Charged In Killing Of 14-Year Old Girl
2015/1/26 3:56:03 - Sheriffs Want Popular Police-Tracking App Disabled
2015/1/26 3:52:20 - Nor'easter Threatens Northeast With 2 Feet Of Snow
2015/1/26 3:50:17 - Texas Man Pleads Guilty to Stealing $930,000 from St. Joseph Employer
2015/1/23 21:05:29 - Grundy County Grass Fire Burns Seven Acres
2015/1/23 21:01:17 - Gilman City Man Injured In Wreck East Of Bethany
2015/1/23 20:58:23 - Friday Morning Accident Injures Richmond Man



Bookmark this article at these sites

                   

Events Today
Listen to KTTN-FM