Kaspersky: Chafer cyber-espionage group targets embassies with malicious software

The Gate Arab News Technical

Researchers at Kaspersky Lab, the Russian leader in the field of information security, have discovered several attempts to launch cyber attacks on foreign diplomatic bodies in Iran using homemade spyware.

Kaspersky Lab believes that the attackers behind the campaign used an updated version of the Remexi malware, as well as a number of legitimate software tools.

The company said that the Remexi malware is associated with a Persian-speaking cyber-espionage group known as Chafer, which has been linked to previous electronic surveillance operations against individuals in Middle Eastern countries. The targeting of embassies may suggest a new focus for this group.

Kaspersky said that this operation sheds light on the ability of threat actors active in emerging regions to mount campaigns against targets of interest to them using relatively simple, locally made spyware alongside readily available tools. In this case, the attackers used an improved version of Remexi, a tool that allows remote control of the victim's device.

Remexi was first discovered in 2015, when the cyber-espionage group named Chafer used it to conduct an internet surveillance operation targeting individuals and a number of institutions throughout the Middle East. Because the software used in the new campaign is similar to known Remexi samples, and the targeted victim groups are similar, researchers at Kaspersky Lab linked this campaign to the Chafer group with a moderate level of confidence.

The newly discovered Remexi malware can execute remote commands and capture screenshots and browser data, including user credentials, login data, history, and any typed text, among other things. Stolen data is exfiltrated using the legitimate Microsoft Background Intelligent Transfer Service (BITS), a Windows component designed to let the system perform updates in the background. The trend among threat actors of combining malware with legitimate code helps them save time and resources when creating their malicious software, and makes attributing the software to those behind it more complex.

Denis Legezo, a security researcher at Kaspersky Lab, said that talk of state-sponsored cyber-espionage campaigns often suggests to the listener advanced espionage operations with complex tools developed by experts, but he confirmed that the people behind this spyware campaign look more like system administrators than sophisticated attackers, explaining that they are "experts in programming, but their campaign is largely dependent on the creative use of the tools already available, rather than relying on new and advanced infrastructure or elaborate code."

He added: "Relatively simple tools can cause extensive damage, so we urge companies and organizations to protect their valuable information, data and computer systems against threats at all levels, and to use threat intelligence to understand how the landscape is evolving."

Kaspersky Lab products detect the updated Remexi malware as Trojan.Win32.Remexi and Trojan.Win32.Agent.

Kaspersky Lab said that companies, institutions and diplomatic bodies should take the following measures to protect against targeted malware, including using an enterprise-grade security solution with built-in capabilities against targeted attacks, powered by threat intelligence.

Companies should also introduce security awareness initiatives that enable staff to master the skills needed to identify suspicious messages, since email is a common entry point for targeted attacks. Security teams should also be given access to the latest threat intelligence, so that they can keep abreast of the latest methods and tools used by cybercriminals and strengthen the security controls already in use.
