Smooth-tongued online lovers struggle to get to grips with slimy RAT infestations
By John Leyden, 22 Jul 2014 Nigerian scammers are developing beyond 419 advance-fee fraud scams against individuals by using trojans to steal valuable information from businesses instead.Security researchers at Palo Alto Networks reports that cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously been their primary targets. Over the last three years or so the Lads from Lagos are using tools more commonly associated with comparatively sophisticated criminal and espionage groups in order to steal business-critical data from enterprises.
Today's Nigerian criminals are using Remote Administration Tools (RATs) and other malware available through underground forums, including commercial RATs such as NetWire, that establish complete control over infected systems. The Silver Spaniel malware associated with these attack is undergoing constant modification so that it stays one step ahead of anti-virus and other security software defences.
The cybercrooks also use a second (crypting) tool named DataScrambler to render the file undetectable by most antivirus engines before distributing the infection file as e-mail attachments. One such infected file was called “Quatation For Iran May Order.exe” and "New Samples Required.exe". The Nigerians are not coding the malware themselves, it is believed.
Full story