Spam cam­paign fo­cused on In­dia


Sy­man­tec has ob­served that a re­cent ma­li­cious spam cam­paign fo­cused on users in In­dia. The e-mails con­tained a ma­li­cious at­tach­ment, de­tected as Spy­ware. Redpill, which is used by cyber crim­i­nals to steal con­fi­den­tial in­for­ma­tion. This in­cludes cre­den­tials for so­cial net­work­ing ac­counts, bank ac­count de­tails, e-mails writ­ten on com­pro­mised com­put­ers and screen­shots.

A state­ment is­sued by Sy­man­tec said that upon open­ing the at­tached file, users re­ceive an er­ror mes­sage in­di­cat­ing that the file was cor­rupted. How­ever, the mal­ware is silently ex­e­cuted and has al­ready be­gun to steal in­for­ma­tion, even as its ma­li­cious pur­pose re­mains hid­den from the user. In the back­ground, the mal­ware in­stalls it­self on the com­pro­mised com­puter. It also cre­ates a reg­istry en­try sub­se­quent to which key­strokes are recorded and screen­shots taken.

“The stolen in­for­ma­tion is sent to an e-mail ac­count hard­coded into the pro­gramme. In our in­ves­ti­ga­tions we found de­tails of the e-mail ac­count used by the at­tacker to re­ceive the stolen data—for in­stance, it re­ceived over 12,000 e-mails in March 2013,” said Ab­hi­jit Limaye, Di­rec­tor, De­vel­op­ment, Se­cu­rity Re­sponse, Sy­man­tec.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.