SEC spoofed, malware hosted on US gov't server in new DNS attack

screen-shot-2017-10-12-at-08-30-38.jpg File Photo

Researchers have discovered a new version of the DNS Messenger attack which masquerades as the US Securities and Exchange Commission (SEC) and hosts malware on compromised government servers.

On Wednesday, security researches from Cisco Talos revealed the results of an investigation into DNS Messenger, a fileless attack which uses DNS queries to push malicious PowerShell commands on compromised computers.

A new version of this attack, which the team say is "highly targeted in nature," now attempts to compromise victim systems by pretending to be the SEC Electronic Data Gathering Analysis, and Retrieval (EDGAR) system -- recently at the heart of a data breach related to financial fraud -- in specially crafted phishing email campaigns.

These spoofed emails made them seem legitimate, but should a victim open them and download a malicious attachment contained within, a "multi-stage infection process" begins.

The malicious attachments used in this campaign are Microsoft Word documents. However, rather than using macros or OLE objects to gain a foothold into a system, the threat actors used a less common method of infection, Dynamic Data Exchange (DDE), to perform code execution and install a remote access Trojan (RAT).

http://www.zdnet.com/article/sec-spoofed-malware-hosted-on-us-govt-...

Views: 159

Comment

You need to be a member of 12160 Social Network to add comments!

Join 12160 Social Network

"Destroying the New World Order"

TOP CONTENT THIS WEEK

THANK YOU FOR SUPPORTING THE SITE!

mobile page

12160.info/m

12160 Administrators

 

Latest Activity

MAC posted a video

TRUMP ADVOCATING FOR PEACE, CABINET PICKS ADVOCATE WAR

The Trends Journal is a weekly magazine analyzing global current events forming future trends. To access our premium content, subscribe to the Trends Journal...
5 hours ago
Doc Vega posted a blog post

When Will the True Reparations Be Awarded?

Americans have weathered the worst storm perhaps in American history from an intentionally…See More
14 hours ago
MAC posted videos
Tuesday
tjdavis posted photos
Tuesday
Doc Vega posted photos
Monday
Doc Vega posted a blog post

Veteran’s Day a Time That Should Be Honored

 At a time in our confusing and idiotic history when a Democrat can’t define a woman when being…See More
Monday
Michael A. Pinson posted a photo
Monday
cheeki kea commented on tjdavis's blog post Mountain Miracle
"Thumbs up to this awesome school. Isn't it amazing that some of the greatest teachers are to…"
Sunday
cheeki kea commented on cheeki kea's photo
Sunday
cheeki kea commented on Doc Vega's blog post This is Incredible! Trump is Already releasing Plans to Dismantle the Deep State and Purge the Corrupt Players
"Oh wow he is not wasting any time. May the power of the words he just spoke resonate across America…"
Sunday
tjdavis favorited cheeki kea's video
Sunday
tjdavis favorited rlionhearted_3's photo
Sunday
tjdavis posted a blog post
Sunday
Doc Vega's 4 blog posts were featured
Saturday
cheeki kea's 2 blog posts were featured
Saturday
Doc Vega commented on tjdavis's blog post Mountain Miracle
"A creative way to get hands on participation with students and the community."
Saturday
Doc Vega favorited tjdavis's blog post Mountain Miracle
Saturday
Doc Vega posted a blog post

The Perfect Lies

The Perfect Lies Time is like an ocean with its secrets running deepLike all the lovers you’ve…See More
Saturday
tjdavis posted blog posts
Saturday
tjdavis posted a blog post
Nov 8

© 2024   Created by truth.   Powered by

Badges  |  Report an Issue  |  Terms of Service

content and site copyright 12160.info 2007-2019 - all rights reserved. unless otherwise noted