User Login    
 + Register
News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27 (509 reads) News by the same author

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?
Click to see original Image in a new window

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."

Printer Friendly Page Send this Story to a Friend Create a PDF from the article


Other articles
2015/3/28 5:50:29 - Harrison County Accident Injures Ridgeway Woman
2015/3/27 16:19:18 - Milan Blisters Putnam County To Open Baseball Season
2015/3/27 16:15:35 - Trenton Kiwanis To Host Easter Egg Hunt At Moberly Park
2015/3/27 16:08:33 - Pershing Boyhood Home To Host Easter Egg Hunt
2015/3/27 15:59:31 - Michigan Wolverines End Mizzou's Season In WNIT's Third Round
2015/3/27 15:52:45 - Royals Right Fielder Out With Jammed Thumb
2015/3/27 15:40:00 - Royals Lose Young Right-Hander On Waivers To San Diego
2015/3/27 14:20:00 - Trenton Bulldogs Sweep Early Bird Relays
2015/3/27 13:30:00 - NCMC Softball Routs Graceland's JV, Runs Winning Streak To 11
2015/3/27 11:40:00 - MBCA Announces All-State Academic Basketball Team
2015/3/27 11:32:48 - Highway 65 Accident Injures Three
2015/3/27 11:21:58 - Trenton Family Aquatics Center To Hold Lifeguarding Course
2015/3/27 11:07:22 - Chillicothe City Council Scheduled To Meet Monday Night
2015/3/27 9:40:00 - MBCA Announces All-State Basketball Team
2015/3/27 9:00:09 - Malta Bend Man Catches Record-Breaking Catfish In the Missouri River
2015/3/27 9:00:00 - THS Graduate Rebekah Capeder Named NAIA Honorable Mention All-American
2015/3/27 8:40:00 - Trenton Residents Meet, Brainstorm Ideas To Improve City
2015/3/27 8:37:34 - Health Center Hosts Open House To Kick Off Public Health Month
2015/3/27 8:31:22 - Gun Show Coming To Marceline This Weekend
2015/3/27 8:26:02 - State To Fully Fund A+ Program In Spring Term
2015/3/27 8:22:55 - Huffington Post Names NCMC As "Top Ten" Community College In U.S.
2015/3/27 8:20:57 - Senator McCaskill To Host Senior Listening Session In Chillicothe
2015/3/27 7:49:44 - MoDOT Warns Of Potential Bridge Closings, Without Financial Help
2015/3/27 7:41:46 - Vehicle Reported Stolen In Chillicothe, Recovered In Springfield
2015/3/27 7:38:22 - Chillicothe Police Arrest Two On Substance Possession Charges
2015/3/27 7:33:16 - Chillicothe Accident Sends Elderly Woman To Liberty Hospital
2015/3/27 7:29:47 - Two Vehicle Accident Injures Bogard Woman
2015/3/27 7:24:41 - Discount Offered On May 2016 NCMC Group Trip To Europe
2015/3/27 7:22:51 - NCMC Chooses Trenton Native As "Academic Excellence" Award Winner
2015/3/26 13:40:00 - Livingston County SUV-Buggy Collision Kills 10 Year Old Boy



Bookmark this article at these sites

                   

Events Today
Listen to KTTN-FM