Careers & Certifications

07:00 PM
Connect Directly
RSS
E-Mail
50%
50%

Spear-Phishing Attack Uses Fake Subpoenas To Steal From CEOs

iDefense estimates that the attack went out to about 15,000 to 20,000 executives, resulting in about 1,800 confirmed malware victims.

"Like many other spear phishing attacks, the phisher performed research before launching his or her attack," Cyveillance explains on its Web site. "Specifically, the individual was able to locate [and] use our CEO's e-mail address and the Cyveillance phone number in the e-mail. This information was used to enable and build additional credibility for the attack."

James Brooks, director of product management at Cyveillance, said that anyone clicking on the malware link in the message would have be hit with a Trojan downloader, which would have phoned home to fetch additional malware.

"Most of these attacks are exploiting well known vulnerabilities," said Don Leatham, director of solutions and strategy for Lumension Security. "The first step is to eliminate the vulnerabilities by staying patched. There is the challenge of the zero-day threat, but from what we've seen, the majority of these Trojans are spreading through vulnerabilities that can be closed."

Leatham said that about half of the anti-virus software out there didn't recognize the malware in this attack, a fact that underscores the need for other forms of defense like user education.

The malware in question is a browser helper object known as a form grabber. "It's 'helping' function is to take all the data you enter into forms and send it back to the attacker," explained Matt Richard, director of rapid response for iDefense.

Previous
2 of 3
Next
Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed