HackDig : Dig high-quality web security articles for hacker

REDBALDKNIGHT/BRONZE BUTLER’s Daserf Backdoor Now Using Steganography

By Joey Chen and MingYen Hsieh (Threat Analysts). REDBALDKNIGHT, also known as BRONZE BUTLER and Tick, is a cyberespionage group known to target Japanese organizations such as government agencies (including defense) as well as those in biotechnology, electronics manufacturing, and industrial chemistry. Their campaigns employ the Daserf backdoor (detected by T
Publish At:2017-11-07 11:35 | Read:6484 | Comments:0 | Tags:Malware Targeted Attacks Vulnerabilities BRONZE BULTER Daser

A simple example of a complex cyberattack

We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it ‘M
Publish At:2017-09-26 14:25 | Read:1081 | Comments:0 | Tags:Research DLL hijacking Dropper Microsoft Word Social Enginee

Steganography in contemporary cyberattacks

Steganography is the practice of sending data in a concealed format so the very fact of sending the data is disguised. The word steganography is a combination of the Greek words στεγανός (steganos), meaning “covered, concealed, or protected”, and γράφειν (graphein) meaning “writing”. Unlike cryptography, which conceals the cont
Publish At:2017-08-03 06:35 | Read:1450 | Comments:0 | Tags:Publications APT Crypto steganography

How to Hide Information with Ordinary Office Printers

The printer you have in your office may be less innocent than you thought. Some experts have already shown that they can even become a steganographic tool, the art, well-known in computer security, of hiding information from prying eyes. A few years ago, the Electronic Frontier Foundation, an organization that defends civil liberties on the internet, reporte
Publish At:2017-01-26 15:35 | Read:1422 | Comments:0 | Tags:Technology printers security steganography

Sundown Exploit Kit now leverages on the steganography

A new variant of the Sundown exploit kit leverages on steganography to hide exploit code in harmless-looking image files. Security experts from Trend Micro have spotted a new version of the Sundown exploit kit that exploits steganography in order to hide malicious code in harmless-looking image files. The use of steganography was recently observed in the mal
Publish At:2016-12-30 20:05 | Read:1492 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime malware Stegano

Updated Sundown Exploit Kit Uses Steganography

This year has seen a big shift in the exploit kit landscape, with many of the bigger players unexpectedly dropping out of action. The Nuclear exploit kit operations started dwindling in May, Angler disappeared around the same time Russia’s Federal Security Service made nearly 50 arrests last June, and then in September Neutrino reportedly went private and sh
Publish At:2016-12-29 13:35 | Read:2414 | Comments:0 | Tags:Exploits Malware Vulnerabilities exploit kit steganography S

Dozens of games infected with Xiny available on the Google Play

Experts at Dr Web discovered dozens of Android game apps in the Google Play Store have been infected with the Android.Xiny Trojan. Bad news for Android users: according to the security firm Doctor Web, dozens of game apps in the Google Play Store have been infected with the Android.Xiny.19.origin Trojan. The malware could allow
Publish At:2016-02-01 12:55 | Read:1673 | Comments:0 | Tags:Breaking News Malware Mobile Android Android.Xiny Dr.Web gam

Attackers Embracing Steganography to Hide Communication

Encouraged by patterns carried out on a larger scale recently, researchers believe digital steganography has arrived as a legitimate method for attackers to use when it comes to obscuring communication between command and control servers. In a presentation last week at Black Hat Europe researchers with Crowdstrike and Dell SecureWorks cited a handful of campa
Publish At:2015-11-18 22:00 | Read:2032 | Comments:0 | Tags:Malware Black Hat Black Hat Europe Crowdstrike Dell SecureWo

Is Stegomalware in Google Play a Real Threat?

By Alfonso Muñoz @mindcrypt. For several decades, the science of steganography has been used to hide malicious code (useful in intrusions) or to create covert channels (useful in information leakage). Nowadays, steganography can be applied to almost any logical/physical medium (format files, images, audio, video, text, protocols, programming languages, file
Publish At:2015-09-22 14:55 | Read:3630 | Comments:0 | Tags:alfonso muñoz android crypto Cryptography google play hackin

New Hammertoss Espionage Tool Tied to MiniDuke Gang

The espionage gang behind the MiniDuke backdoor uncovered by Kaspersky Lab and CrySys Lab in 2013 has surfaced again with a new backdoor and attack platform that is used sparingly against only high-value targets. The new data theft tool, called Hammertoss, is a study not only in espionage capabilities, but also stealth and targeting. It’s been found so
Publish At:2015-07-29 20:05 | Read:1281 | Comments:0 | Tags:Cryptography Government Malware Privacy Web Security apt APT

US Healthcare companies are the most targeted by Stegoloader

The authors of the Stegoloader malware are exploiting digital steganography to target companies worldwide, mainly US Healthcare companies. A couple of weeks ago, the security researchers at Dell SecureWorks discovered a new strain of malware dubbed Stegoloader, that exploits steganography as an evasion technique. Once infected
Publish At:2015-06-28 20:45 | Read:1438 | Comments:0 | Tags:Breaking News Cyber Crime Malware healthcare Information Ste

US Healthcare Organizations Most Affected by Stegoloader Trojan

Most victims of the Stegoloader Trojan, which has recently been making its rounds in the news, are observed to come from healthcare organizations in North America. The malware known as TROJ_GATAK has been active since 2012 and uses steganography techniques to hide components in .PNG files. Looking at recent victims of the Stegoloader malware, we observed th
Publish At:2015-06-24 18:35 | Read:1262 | Comments:0 | Tags:Malware GATAK steganography stegoloader

Stegoloader, a stealthy Information Stealer that exploits steganography

The authors of the Stegoloader malware are exploiting digital steganography to keep the information-stealing under the radar and avoid detection. Malware authors are prolific professionals always searching for techniques that can allow them to hide their malicious codes from detection. This week the security researchers at Del
Publish At:2015-06-18 03:25 | Read:1389 | Comments:0 | Tags:Breaking News Malware Information Stealer malware Pierluigi

Information-Stealing Stegoloader Malware Hides in Images

Malware writers aren’t hesitant to do what it takes to protect a campaign and keep it hidden from detection technologies and security researchers. The group behind the Stegoloader malware, disclosed Monday by researchers at Dell SecureWorks, has taken to digital steganography to keep its information-stealing code from being seen. Once having compromised
Publish At:2015-06-16 16:35 | Read:1112 | Comments:0 | Tags:Malware Web Security browser history cyberespionage Dell Sec

Vawtrak Uses Tor2Web making hard to track down its servers

Security experts at Fortinet uncovered a new strain of the Vawtrak banking Trojan that is implementing an obscuring mechanism based on the Tor2Web service. The authors of the banking Trojan Vawtrak are adopting a new tactic to hide the traffic to its servers: they are exploiting the Tor2Web service to masquerade malicious connect
Publish At:2015-06-10 07:30 | Read:1491 | Comments:0 | Tags:Breaking News Malware Banking Malware Cybercrime malware oni

