Monday, February 8, 2016

Was it a hacker? The botnet that spread a virus now spreads antivirus

Nobody can explain it: some servers of the botnet that infects its victims with the famous banking Trojan Dridex have started to "infect" them with the Avira antivirus. An avenging hacker? A mistake by Evil Corp, the group that operates Dridex? We'll talk about that today, and also about the biggest password brute-force attack known so far, about spam and phishing in 2015, and about the CCN-CERT ransomware report.

According to the company behind the Avira antivirus, some file servers that served the Dridex Trojan through malicious websites have switched to serving the free version of this antivirus. According to Avira, someone with the "philosophy and lifestyle of Batman" reportedly broke into these servers. Something similar happened at the end of last month, when some routers were "infected" in order to secure them.

Brute force on Alibaba

We are still talking about surprising news, because TaoBao, Alibaba's e-commerce site, was reportedly attacked using credentials stolen elsewhere. Specifically, the hackers launched 99 million stolen credentials against the virtual store in an astonishing brute-force attack. 20.6 million of them matched TaoBao accounts. Incredible.

Phishing in 2015

We now travel back in time: Kaspersky has published its report on spam and phishing in 2015. To start with, it is surprising that spam fell by 12%. Russia suffered the largest number of phishing attacks, and Japan leads the ranking of unique users attacked by phishers. The Trojan most often attached to malicious emails was Trojan-Spy.HTML.Fraud.gen, a fake web page that poses as an important notification from a bank, an e-commerce site or similar.

Ransomware report

We finish by talking about malware again, because the Spanish CCN-CERT has published the "Menace report IA-01/16 Safety measures against Ransomware", in which it gives security guidelines and recommendations. In 2015 alone, the CCN-CERT's early alert system on the Internet (SAM-INET) handled 500 incidents related to this kind of attack, more than twice as many as in 2014.

That was our daily summary. We wish our readers a good start to the weekend.