Posted by: Pez
« on: 12. March 2014., 15:29:50 »
Threats Timeline Tracks Recent Security Breaches
As a supplement to the latest McAfee Labs Threats Report, published this week, we offer this timeline of leading threats that made news in the fourth quarter of 2013.
• October 3: Adobe reports personal information relating to customer orders has been accessed in an attack on the company’s systems.[1] The total amounts to 152 million records, including names, customer IDs, encrypted passwords, encrypted debit or credit card numbers with expiration dates, and source code, according to DataLossDB.[2]
• October 7: McAfee Labs announces criminal activities around the Quarian backdoor, which targets government agencies and embassies around the world, including the United States.[3]
• October 18: McAfee Labs researchers discover a targeted attack using a technique that ensures the malware can run only on the targeted computer by using its IP address as a decryption key.[4]
• October 31: McAfee Labs discovers a suspicious sample targeting a Microsoft Office vulnerability.[5] McAfee Labs confirms this is a zero-day attack and immediately shares its findings with the Microsoft Security Response Center, which on November 5 sends its warning about a previously unknown security vulnerability in a Microsoft graphics component. The attack, which exploits CVE-2013-3906, downloads an executable, a RAR SFX containing another executable and a fake Word document. (For details, see page 6 of the McAfee Labs Threats Report.)
• November 5: Android/HackDrive: McAfee sends an alert on mobile malware used in a sabotage campaign in the Middle East.[6]
• November 13: Intego blogs about a new variant of the Remote Control System, spyware from the Hacking Team. Targeting Macs, this program is described as an expensive rootkit used by governments during targeted attacks. Nicknamed OSX/Crisis, it can collect audio, pictures, screenshots, and keystrokes, and report everything to a remote server.
• November 21 and 27: McAfee Labs reports that Japanese and Korean Android apps on Google Play steal mobile devices' phone numbers.[7]
• December 6: McAfee Labs explains how Android/Balloonpopper, a game recently revoked from Google Play, can secretly upload stolen conversations and pictures that can be retrieved by anyone who knows the phone number of the victim.[8]
• December 16: McAfee reports that a substantial number of suspicious apps on Google Play can secretly collect Google account IDs.[9] Some of these applications, detected as Android/GaLeaker, have been downloaded between 10,000 and 50,000 times.
• December 16: The Hürriyet Daily News reports that Russian hackers stole ID data of 54 million Turkish citizens.[10]
• December 17: McAfee Labs discovers variants of Reveton (Ransom-FFK!, Ransom-FFM!, Ransom-FFN!, Ransom-FFO!, and Ransom-FFQ!) that come with various flavors of encryption to evade antimalware detections.[11]
• December 17: CVE-2013-5329 on Adobe Flash Version 11.9.900.117 is found integrated in the Angler exploit kit.[12]
• December 19: Target confirms approximately 40 million credit and debit card accounts may have been impacted after unauthorized access to its payment system.[13] Later, Target raised the figure to 70 million.[14]
[1] http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html
[2] http://datalossdb.org/
[3] http://blogs.mcafee.com/mcafee-labs/quarian-group-targets-victims-with-spearphishing-attacks
[4] http://blogs.mcafee.com/mcafee-labs/targeted-attack-focuses-on-single-system
[5] http://blogs.mcafee.com/mcafee-labs/mcafee-labs-detects-zero-day-exploit-targeting-microsoft-office-2
[6] http://blogs.mcafee.com/consumer/mobile-malware-used-in-sabotage-campaign-by-hackers-in-the-middle-east
[7] http://blogs.mcafee.com/mcafee-labs/more-japanese-chat-apps-on-google-play-steal-phone-numbers
[8] http://blogs.mcafee.com/mcafee-labs/androidballoonpopper-sums-up-mobile-threat-landscape-in-2013
[9] http://blogs.mcafee.com/mcafee-labs/suspicious-apps-on-google-play-leak-google-account-ids
[10] http://www.hurriyetdailynews.com/russian-hackers-stole-54-million-turkish-citizens-id-data-claim.aspx
[11] http://blogs.mcafee.com/mcafee-labs/reveton-ransomware-hides-behind-encryption
[12] http://malware.dontneedcoffee.com/2013/12/cve-2013-5329-or-cve-2013-5330-or.html
[13] http://pressroom.target.com/news/target-confirms-unauthorized-access-to-payment-card-data-in-u-s-stores
[14] http://money.cnn.com/2014/01/10/news/companies/target-hacking/
Original article: By Francois Paget on Mar 11, 2014