Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Hacking group returns, switches from ransomware to trojan malware

3 Weeks Ago   #1
Brink

64-bit Windows 10 Pro
 
 
Hacking group returns, switches from ransomware to trojan malware

Quote:
A prolific hacking group has returned with a new campaign which looks to deliver a new remote access trojan (RAT) to victims in order to create a backdoor into PCs to steal credentials and banking information.

The campaign is suspected to be the work of TA505, a well-resourced hacking group which has been active since at least 2014. The group has launched some of the largest cyber attack campaigns of recent years, with victims targeted with the Dridex banking trojan, Locky ransomware, Jaff ransomware and more.

Many of these campaigns have been launched with the aid of the Necurs botnet, one of the largest spam generators used by cyber criminals.

Now TA505 is running a new campaign, which has been detailed by researchers at security company Proofpoint. In line with a change of focus by other cyber criminal groups, TA505 has shifted away from ransomware and banking trojans and now appears to focus on RATs -- including one which has only recently appeared and had only been used twice before. In both previous cases, the attackers remain unidentified.

Dubbed tRat by researchers, the malware is predominantly targeting financial institutions and is being distributed with the aim of grabbing credentials, financial data, and other information that would be useful to cyber criminal operations. Researchers also warn that it could have other capabilities that haven't been put into operation yet.

The malware campaign was first detected in late September, with phishing emails offering its targets secure files that need to be opened. If the user opens the attachment, the Word document claims to be protected by security firm Symantec and asks the user to enable macros to see the supposed secure files...


Read more: Hacking group returns, switches attacks from ransomware to trojan malware | ZDNet


My System SpecsSystem Spec
.
3 Weeks Ago   #2
ShadouFox

Windows-7 Ultimate 32bit
 
 

Quote   Quote: Originally Posted by Brink View Post
The malware campaign was first detected in late September, with phishing emails offering its targets secure files that need to be opened. If the user opens the attachment, the Word document claims to be protected by security firm Symantec and asks the user to enable macros to see the supposed secure files...
An oldie, but a goodie. People working at financial institutions receive hundreds of e-mails every day, so who can blame 'em for opening dodgy e-mails? What's a solution here? Never enable macros? Find something other than Word to view documents?
My System SpecsSystem Spec
Reply

 Hacking group returns, switches from ransomware to trojan malware




Thread Tools




Similar help and support threads
Thread Forum
Got hit with Ransomware Encryption Trojan
I got a Trojan or something because Microsoft Security Essentials was sounding alarm bells and a scan with Anti-Malware was bringing up stuff too. After some guaranteeing and rebooting I thought I had gotten rid of the problem. But later when I started Firefox all my addons were missing, which...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:35.
Twitter Facebook Google+