Thursday 20 August 2015

Developer Encryption Software Targeted By Cyber Espionage



The director of a Russian company that develops encryption software has been attacked by a group who are more concerned with attacking NATO, the White House and the German parliament. It claims the Japanese anti-virus company Trend Micro. It would go to a group of Russian spies.

Although several organizations abroad were the target group, there are attacks carried out in Russia. This involves phishing attacks whereby refined manner attempts to steal login details for email accounts. According to Trend Micro, members of the rock band Pussy Riot, politicians, journalists and software developers have been targeted. Besides the director of the company that develops encryption software was also a developer of web mail service Mail.ru attacked.

Phishing

The attacks on the Russian people were part of a larger campaign involving tens of thousands of people were targeted with phishing emails. This relates to users of well-known webmail providers such as Gmail, Yahoo, Hushmail, Outlook and other providers in the Ukraine, Iran, Norway and China. The way the attacks occur varies. Some campaigns use malware and vulnerabilities. The group of attackers have used at least six zero-day vulnerabilities in the past.

In addition, also targeted phishing attacks used to obtain login details. The phishing e-mails claim, for example that a new service is to deliver guaranteed emails. It then attempts to get through OAuth, an open authentication protocol for example, Yahoo offers to app developers to access the user's mailbox. The links in the phishing email while pointing to a legitimate website of Yahoo for OAuth. So users may think that it is a harmless link. What is the goal of the attackers know Trend Micro, but they may try to keep potential threats to Russia in the eye.

No comments:

Post a Comment