Sunday, 19 April 2015

Even Linux Users Targeted By Cyber Espionage

Appear regularly reports of attacks by cyber spies who have provided at Windows users, but the Japanese anti-virus company Trend Micro claims to have discovered an attack which also Linux users were targeted. The attacks come from a group that the defense companies, media organizations, Russian dissidents, members of NATO and even the White House has provided.

The attackers have been active for some time and use different tactics to infect their victims with malware. There Microsoft Office documents are used as containing spyware. In another attack were on a Polish government site posted several exploits that install malware on the same unpatched users. Finally phishing emails were also used those users to fake login pages for Microsoft Outlook Web Access (OWA) by sent.


In the first quarter of this year, the group was very active and used it several new attacks, including sending e-mails with malicious links, which supposedly to news reports seem to indicate. When a user opens the link, and certain conditions are met does the so-called news site with a message that there must be an HTML5 plugin installed to view the content of this website. In the case of Linux users who visit the website will be the X Agent or Fysbis spyware offered, while Windows users get the Sednit spyware.

Furthermore, the attackers use again the counterfeit OWA logon pages. These contain phishing pages JavaScript that when the user opens the link from the OWA preview pane, a tab opens with the intended site. In addition, the JavaScript causes the OWA session is forwarded in another tab to a phishing page that lets you know that the user is logged out and must log in again.

White House

Trend Micro also says to have proof that the group the White House has targeted. Four days after three YouTube bloggers President Barack Obama had interviewed these bloggers were the target of a Gmail phishing attack. According to the virus fighter they tried bloggers likely to use as a springboard for attacks against the White House. Who is behind the attacks is spying is not to say the anti-virus company.

No comments:

Post a Comment