Tags: trojan, spam attack, cyber espionage
The malicious code is distributed in spam e-mail messages disguised as a PDF document.
According to a report by Dell SecureWorks, a new cyber espionage campaign has appeared on the Internet, aimed at employees of energy companies around the world.
The “Mirage” malware was found in the systems of various energy companies in the Philippines, Canada, Taiwan, Brazil, Israel, Egypt and Nigeria.
Experts say the virus samples are distributed as e-mail attachments disguised as PDF documents. On the victim’s computer, the malware installs a backdoor that allows the hackers to download various additional components onto the infected system.
The virus hides its “internal” connection by making it look like a Google search and using Secure Sockets Layer (SSL) in order to avoid detection.
The researchers could not determine who is behind the spam campaign, or what kind of information the program stole. “We tore the chain of command, so we cannot determine which documents the criminals are seeking,” said Joe Stewart, director of the virus detection department at Dell SecureWorks.
According to Stewart, the experts were able to identify multiple IP addresses of the attack’s command servers. They belonged to a provincial network in Beijing, China. In addition, three of the IP addresses had been used in the previously discovered “Sin Digoo” attacks.