News : Massive Malware Campaign Steals Everybody's Passwords
Posted by Randy on 2014/7/16 4:34:27

(yahoo.com) - Who, or what, is NightHunter? And what do they — or it — want?

Security researchers discovered last week that for the past five years, a mysterious group has been stealing user credentials from Facebook, Dropbox, Skype, Amazon, LinkedIn, Google, Yahoo, Hotmail, the Indian Web portal Rediff and several banks. Dubbed NightHunter, the campaign appears to have amassed an enormous database of stolen information.

The goals of the attacks remain unclear. NightHunter appears untargeted, simply interested in collecting as many user credentials as possible, according to Santa Clara, California-based security company Cyphort, which discovered and named NightHunter.

The NightHunter campaign involves several different types of keyloggers, including Predator Pain, Limitless and Spyrex. What sets NightHunter apart — and has made it so difficult to trace — is the fact that the keylogging malware relays its captured data back to the criminals in an unusual way: by emailing it.

Most malware communicates with its operators using Web protocols such as HTTP or Internet Relay Chat. But the NightHunter malware uses the email protocol SMTP, which has been around since 1982. SMTP "is outdated and often overlooked, so it can be a more stealthy way of data theft," wrote Cyphort's McEnroe Navaraj in a company blog post disclosing the findings.
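For defenders, the practical consequence is that workstations speaking SMTP directly to outside servers deserve a look. The following is an added example, not code from Cyphort or the original article: it scans flow records for internal hosts, other than the organization's own mail relay, that sent mail traffic to external addresses. The log format, addresses and relay list are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

SMTP_PORTS = {25, 465, 587}
# Assumptions: the one host allowed to send mail out, and the internal range.
SANCTIONED_RELAYS = {"10.0.0.25"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample records: timestamp src_ip dst_ip dst_port bytes_out
SAMPLE_FLOWS = """\
2014-07-10T09:00:01 10.0.0.25 203.0.113.10 25 18234
2014-07-10T09:02:13 10.0.4.17 198.51.100.7 587 40211
2014-07-10T09:02:40 10.0.4.17 10.0.0.25 25 2210
2014-07-10T09:32:15 10.0.4.17 198.51.100.7 587 39870
2014-07-10T09:40:00 10.0.7.3 192.0.2.80 443 90122
2014-07-10T10:02:11 10.0.4.17 198.51.100.7 587 41002
not a flow line
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    return any(addr in net for net in INTERNAL_NETS)

def find_direct_smtp(flow_text):
    """Map each non-relay internal host that spoke SMTP to an external
    address to its destinations, flow count and total bytes sent."""
    hits = defaultdict(lambda: {"dests": set(), "flows": 0, "bytes": 0})
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        _, src, dst, port, nbytes = parts
        try:
            port, nbytes = int(port), int(nbytes)
            outbound = is_internal(src) and not is_internal(dst)
        except ValueError:
            continue
        if port in SMTP_PORTS and outbound and src not in SANCTIONED_RELAYS:
            hit = hits[src]
            hit["dests"].add(dst)
            hit["flows"] += 1
            hit["bytes"] += nbytes
    return dict(hits)

if __name__ == "__main__":
    for src, hit in find_direct_smtp(SAMPLE_FLOWS).items():
        print(src, sorted(hit["dests"]), hit["flows"], hit["bytes"])
```

Workstations whose mail clients legitimately submit to a hosted provider on port 587 or 465 will also appear and need to be allow-listed by destination.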

NightHunter's preferred method of infecting target computers appears to be via phishing emails, Navaraj says. These emails are sent to personnel in the finance, sales or HR departments of all sorts of large companies and organizations, and bear .doc, .zip or .rar attachments, sometimes with fake IDM or 7zip installers bundled in. Some of the phishing emails are crafted to appear to be from goods-resale agents.

In addition to logging user keystrokes, the NightHunter malware also gathers and relays information about the Web browsers, instant-messaging and email clients, password managers, Bitcoin wallets or video games present on an infected computer.

Since 2009, NightHunter has amassed such an enormous database of stolen credentials from the abovementioned online services that, according to Cyphort, whoever is behind the campaign is in a position to do some serious damage.

"The potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks is high," Navaraj wrote in the blog post. "The actors behind NightHunter can use the trove of stolen credentials to leverage big-data analytics and enable new cyberthreats, for purposes of extortion, credit card or bank fraud, stealing state secrets or corporate espionage."
