A MiTM attack is all about eavesdropping. A third-party secretly puts themselves in the middle of two partied talking to each other.
Malicious emails are in circulation claiming to contain an invoice from a Kitchen Appliance company, but instead contains the dangerous Zbot.
The threat known as Dyre was originally spotted by security firm CSIS and by PhishMe which also had uncovered the new malware earlier in June.
Back then, the threat was aimed at banks and other financial institutions, something very reminiscent of other banking Trojans such as Zeus and its variants.
But researchers discovered that the malware is now capable of capturing login credentials from Salesforce users by redirecting them through a phishing website.
Dyre will initially infect users through some form of social-engineering, typically with an email that contains a malicious attachment. Once on the system, the malware can act as a man-in-the-middle and intercept every single keystroke. To be clear, this is not a vulnerability with Salesforce or its website, but rather a type of malware that leverages compromised end-point machines.
A new variant of the Zeus/Zbot trojan, dubbed ZeusVM, is using images as a decoy to retrieve its configuration file, and waits to steal banking info.
Awareness and education about online dangers is essential but headlines like “Malware That Drains Your Bank Account Thriving On Facebook” instill fear while at the same time blame Facebook — something that may not be entirely justified.
In old times, a citadel was a fortress used as the last line of defense. For cyber criminals it is a powerful and state-of-the-art toolkit to both distribute malware and manage infected computers (bots). Citadel is an offspring of the (too) popular Zeus crimekit whose main goal is to steal banking credentials by capturing keystrokes…
As mentioned last week, the Malwarebytes crew made it out to DefCon this year to check out all of the interesting talks and presentations given by various members of the computer/intelligence security community. This blog is meant to summarize most of what we saw, giving a brief explanation of which talks we thought were the…