Brazilian govt sites found serving malware
Posted on 28.05.2013
Cyber crooks targeting Brazilian users have a well-documented predilection for banking Trojans, but every now and then they opt for other types of malware.

Trend Micro researchers have recently discovered that two Brazilian government websites have been compromised and have been serving a number of malware variants to visitors since late last week.

Masquerading as "Adobe" and Flash Player updates and upgrades, the malicious executables usually drops another executable and a Java file posing as a .GIF file.

While the first lowers the systemís security settings, the second one downloads and executes additional files, and among them is a .JAR file that creates a new administrator account through which multiple concurrent remote desktop sessions in the affected computer are enabled, giving remote attackers complete control over the computer.

What is the ultimate goal of this attack is unknown, and it could theoretically be anything.

The researchers haven't mentioned which particular government sites were compromised, but this could be a watering hole campaign aimed to compromise computers belonging to government workers, or it could be a simple information-stealing campaign aimed at random users.









Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //