Mideast firms warned over new cyber threats
Dubai, July 22, 2014
Cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses in the Middle East that have not previously been their primary targets, a recent report has warned.
The new report ‘419 Evolution’ released from Unit 42, the threat intelligence team of Palo Alto Networks, pointed out how Nigeria-based scammers are now using the same tools more sophisticated criminal and espionage groups often deploy to steal business-critical data from enterprises worldwide, including the Middle East.
Nigerian criminals are infamous for running easily-spotted ‘419’ phishing scams that attempt to collect credit card details or personal information from individuals, but over the past few years have expanded their skills to target businesses using more advanced techniques, it said.
Palo Alto Networks researchers discovered these activities and techniques, code-named Silver Spaniel, using WildFire, which rapidly analyses cyberthreats in a cloud-based, virtual sandbox environment.
The research found that Remote Administration Tools (RATs) were used by the criminals, available through undergroup forums, including commercial RATs such as NetWire, that provide complete control over infected systems
The attacks, similar to Silver Spaniel in the past may have come from Eastern Europe or a hostile espionage group, but businesses have not traditionally dedicated resources to these potentially impactful spammers from Nigeria, it said.
The traditional anti-virus programmes and legacy firewalls are ineffective because Silver Spaniel attacks are specifically designed to evade those technologies, it revealed.
Saeed Agha, general manager, Middle East, Palo Alto Networks, said: “Every organisation in the Middle East that holds valuable information on their servers is vulnerable today and should be aware of the latest attacks. You can reveal data stolen by Silver Spaniel attackers and protect yourself, so please download these tools that are free of charge.”
The company has also released a free tool to decrypt and decode command and control traffic and reveal data stolen by Silver Spaniel attackers to protect against the NetWire RAT. - TradeArabia News Service