16 December 2011

Anatomy of a Nitro Cyber Attack by Symantec


Latest report by Symantec.
.....
"The Nitro Attacks whitepaper, published by Symantec Security Response, was a snapshot of a hacking group’s activity spanning July 2011 to September 2011.  The same group is still active, still targeting chemical companies, and still using the same social engineering modus operandi,"
.....
They are sending targets a password-protected archive, through email, which contains a malicious executable. The executable is a variant of Poison IVY and the email topic is some form of upgrade to popular software, or a security update. The most recent email brazenly claims to be from Symantec and offers protection from 'poison Ivy Trojan'," the authors explain.
......
"The attachment itself is called “the_nitro_attackspdf.7z”. The attachment archive contains a file called “the_nitro_attackspdf                            .exe”. (The large gap between the “pdf” and “.exe” is a basic attempt to fool a user into assuming that the document is a PDF, when it is really a self-extracting archive.)," the article states.




Click here to read more ...... 

 Solutions : www.xcyss.in

No comments:

Post a Comment