Russian hackers use Britney Spears photo to hide C&C server – Penetration Testing

The Russian APT group Turla has been found using a clever way to hide its traces. Turla mainly targets government agencies, embassies, military, research institutions and pharmaceutical companies to steal sensitive information. The malware of the same name can infect both Windows and Linux; its Linux module makes extensive use of statically linked open source libraries, and the group has been found hijacking satellite links to communicate with its command-and-control center.

According to the latest report by researchers at security company ESET, Turla has released a Firefox extension with a backdoor that uses a bit.ly URL to reach the command-and-control center and get instructions. The URL path does not appear anywhere in the extension code; instead, it is delivered through a comment on Britney Spears' official Instagram account, which gives the extension the path to the command-and-control server. The extension checks each comment under the photo and calculates a custom hash value; if the hash value matches, it runs a regular expression to extract the bit.ly short URL.
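The network side of this chain (a social-media page fetch, then a URL shortener, then the redirect target) can be hunted for in web-proxy logs. The sketch below is an added example, not code from the ESET report or from the extension; the log format, the 30-second window, the domain lists and every sample line are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

SOCIAL = {"instagram.com", "www.instagram.com"}  # where the path is published
SHORTENERS = {"bit.ly"}                          # shortener named in the article
WINDOW = timedelta(seconds=30)                   # assumed correlation window

# Constructed proxy log, sorted by time: ISO timestamp, client, host, path
SAMPLE_LOG = """\
2017-06-07T09:00:01 10.0.0.5 www.instagram.com /p/EXAMPLE/
2017-06-07T09:00:03 10.0.0.5 bit.ly /EXAMPLE1
2017-06-07T09:00:04 10.0.0.5 c2.example.test /in
2017-06-07T09:05:00 10.0.0.9 www.instagram.com /p/OTHER/
2017-06-07T09:40:00 10.0.0.9 bit.ly /EXAMPLE2
2017-06-07T10:00:00 10.0.0.7 bit.ly /EXAMPLE3
"""

def parse(log):
    """Yield (time, client, host, path) for each whitespace-separated line."""
    for line in log.splitlines():
        ts, client, host, path = line.split()
        yield datetime.fromisoformat(ts), client, host.lower(), path

def find_chains(log, window=WINDOW):
    """Return (client, shortener URL, next host) for every social-media ->
    shortener sequence one client produced inside the window."""
    last_social = {}  # client -> time of its latest social-media request
    pending = {}      # client -> index of the hit still missing its next host
    hits = []
    for ts, client, host, path in parse(log):
        if host in SOCIAL:
            last_social[client] = ts
        elif host in SHORTENERS:
            seen = last_social.get(client)
            if seen is not None and ts - seen <= window:
                hits.append([client, host + path, None])
                pending[client] = len(hits) - 1
        elif client in pending:
            # First other host after the shortener: the likely redirect target
            hits[pending.pop(client)][2] = host
    return [tuple(h) for h in hits]

if __name__ == "__main__":
    for hit in find_chains(SAMPLE_LOG):
        print(hit)
```

A user clicking a shortened link from a social-media page produces the same sequence, so hits are leads for triage (which process made the requests, how often, to what destination) rather than verdicts.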

The post Russian hackers use Britney Spears photo to hide C&C server appeared first on Penetration Testing. http://ift.tt/2sfidQ9 http://ift.tt/2aM8QhC
