Gary Hayslip, CISO at Webroot, https:// http://wbrt.io/vccg about popular third-party chat platforms like Slack that are being hijacked by cybercrimainals to create command-and-control communications for their malware campaigns.
"The appeal of these chat programs for cybercriminals is born from the fact that many of them are free, easy to use, and incorporate application programming interface (API) components that simplify connections between the programs and custom-built applications. It’s this use of APIs that allows hackers to operate undetected on corporate networks. This clever technique enables hackers to entrench their access by camouflaging themselves with normal data flows. Plus, because this malware leverages software platforms and services that are readily available (and free), all hackers need to do in order to stay connected to their growing malware bot farm is set up an account on their chat platform of choice."
More info on how these hackers are doing this and what you can do to protect yourself https:// http://wbrt.io/vccg.
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.