Wed, Feb 22, 2017 | updated 04:46 PM IST

Asian, African Banks are attacked using zero-day vulnerability

Updated: Nov 24, 2016 16:35 IST

New Delhi [India], Nov. 24 (ANI): Kaspersky Lab's Global Research and Analysis Team has discovered attacks which appear to be using a zero-day exploit (a malicious program allowing additional malware to be silently installed) for the InPage text editor.

InPage is a software package used by Urdu- and Arabic-speaking people and organizations around the world. The exploit was used in attacks against banks in several Asian and African countries.

InPage is widely used by media and print shops, as well as governmental and financial institutions, such as banks, that work with texts written in Perso-Arabic scripts.

According to the InPage website, in addition to India and Pakistan, where the software is widely used, there are thousands of users in other countries such as the UK, the US, Canada, a number of countries in the European Union, South Africa, Bangladesh, Japan and other territories.

The total number of InPage users is almost 2 million worldwide.

Attacked organizations identified by Kaspersky Lab researchers are located in Myanmar, Sri Lanka and Uganda.

An example of a spear-phishing email containing a malicious InPage document.

The exploit is delivered to the victim via a spear-phishing email with the infected document attached. Upon successful exploitation of the vulnerability, the malware reports to a command and control server and then downloads legitimate remote access tools.

In some cases it downloads malware based on the source code of the infamous banking Trojan ZeuS. This set of tools is typical for financial cybercriminals.

The exact set of malicious instruments downloaded to the infected machine varies from victim to victim, as do the command and control servers from which the malicious tools are downloaded. This, along with a number of other artefacts, makes Kaspersky Lab researchers think that the zero-day is utilized by several threat groups.

It is not the first time that we have seen specific "local" software used to infect victims in a cyber attack. In 2013, Kaspersky Lab researchers observed similar tactics in the attacks attributed to the Icefog campaign. At that time, the attacker used malicious HWP documents, which are made to work with Hangul Word Processor, a proprietary word processing application used extensively in South Korea.

"The use of vulnerabilities in specific software with a relatively low global presence and a very narrow target audience is an easy-to-understand tactic. The attackers adjust their tactics to their target's behavior by developing exploits for custom software which doesn't always receive the kind of scrutiny that big software companies apply to their products. Since local software is not a common target of exploit writers, vendors are not very responsive to vulnerability reports and existing exploits remain workable for a long time," said Denis Legezo, security expert at Kaspersky Lab GReAT.

Thanks to a wide range of technologies, users of Kaspersky Lab solutions have already been protected against this attack for quite some time - and the protection has worked well in blocking a number of malicious InPage documents. Kaspersky Lab products successfully detect the InPage exploit with the following detection name: HEUR:Exploit.Win32.Generic.

Kaspersky Lab researchers are not yet aware of any actual incidents involving the theft of money as a result of infections using the InPage exploit. However, this doesn't mean that such attacks aren't happening. Therefore, security specialists advise financial organizations to check their systems for the presence of these threats and to implement the following measures:

• Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.

• Instruct your staff not to open attachments or URLs in emails sent from unknown sources.

• Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these tasks, use Vulnerability Assessment and Patch Management solutions.

• Subscribe to a professional threat intelligence service like Kaspersky Lab's APT reporting service to get instant access to actionable information on the most recent cyberattacks which may target your organization.

• Educate your staff in cybersecurity. The malware sample that enabled the discovery of the exploit was found with the help of specifically created Yara rules. Invest in the education of your security staff so that they are able to do the same on their own and therefore protect your organization from sophisticated targeted attacks.

To learn more about targeted attacks using the InPage zero-day vulnerability read the blog post on Securelist.com. (ANI)
