Russian Hackers at Work, third Gmail Malwire defect, Magento Sites in danger | Avast
There is no rest from Russian hacking teams. Now they’re targeting governments within the U.S., the EU Union and former land territories with weapon zed documents containing malware.
Their fresh free malware tool permits hackers in to focus on pcs wherever they take screenshots and obtain system info from the infected computer. The software system then uses email to send the photographs back to the hackers and receive new directions. Some describe it as a spy camera on a pc that may send pictures back home, allegedly to Russia.
The hackers with APT28 — generally called “Sofacy” or “Fancy Bear” — also are allegedly behind the 2016 hack of the Democratic National Committee.
The malicious campaign begins with phishing emails referencing the recent Lion Air crash off the coast of the state. Emails have impersonated staff of the U.S. Department of State and sent to suppose tanks, businesses, and government agencies with a Microsoft Word document hooked up.
When the Word document is opened, it prompts the user to alter macros that then start putting in the malware. Currently, the Word doc has remodeled into a delivery system for malware.
Sorts of Magento Malware:
The campaign delivers 2 sorts of malware:
(1) Zebrocy – a trojan that has antecedently been determined as a part of cyber spying makes an attempt out of Russia, and
(2) Cannon – functions equally as Zebrocy by establishing communication with a command and management server, providing malware with directions.
When we have a tendency to discuss Advanced Persistent Threats (APTs), Word documents are the weapon of alternative,” explains Luis Corrons, Avast security evangelist. “To most users, they appear benign, and email gateways are less seemingly to dam them. Further, they’ll be stuffed with legitimate content that’s relevant to the target, that makes it a lot of seems that they’ll, of course, open the document.”