Source code of the remote desktop software Ammyy Admin has been used for malware that has been used for both targeted and large-scale attacks, according to security firm Proofpoint. Ammyy Admin is a program that allows remote access to computers.
Some time ago the source code of Ammyy Admin version 3 appeared on the Internet and cyber criminals have used it to develop malware called "FlawedAmmyy". This malicious version has been used in attacks since the beginning of 2016, but only recently discovered, Proofpoint says. Among other things, the automotive industry would be the target of the attacks.
To spread the malware, the attackers use e-mails that contain Word or ZIP files as an attachment. The Word files have a malicious macro that, when enabled by the user, downloads the malware on the system. Once active on a system, FlawedAmmyy can be used to steal trade secrets, customer data and other information from companies, according to the researchers.
No comments:
Post a Comment