Trojan “Mirage” targets employees of energy companies around the world

Posted: September 21, 2012 in IT Security News
Tags: trojan, spam attack, cyber espionage

The malicious code is distributed in spam e-mail messages disguised as a PDF document.

According to a report by Dell SecureWorks, a new cyber-espionage campaign aimed at employees of energy companies around the world has emerged on the Internet.

The “Mirage” malware was found in the systems of various energy companies in the Philippines, Canada, Taiwan, Brazil, Israel, Egypt and Nigeria.

Experts say the virus samples are distributed as e-mail attachments disguised as PDF documents. On the victim’s computer the malware installs a backdoor that allows the hackers to download various additional components onto the infected system.

The virus hides its “internal” connection by making it look like a Google search, used with Secure Sockets Layer (SSL), in order to avoid detection.

The researchers could not determine who is behind the spam campaign, or what kind of information the program stole. “We tore the chain of command, so we cannot determine which documents are sought by the criminals,” said Joe Stewart, director of the virus detection department at Dell SecureWorks.

According to Stewart, the experts were able to identify multiple IP addresses of the attack's command servers. They belonged to a provincial network in Beijing, China. In addition, three of the IP addresses were used during the previously discovered “Sin Digoo” attacks.

More information is available here.
