Sun, Mar 26, 2017 | updated 02:40 PM IST

Asian, African Banks are attacked using zero-day vulnerability

Updated: Nov 24, 2016 16:35 IST

New Delhi [India], Nov.24 (ANI): Kaspersky Lab's Global Research and Analysis Team has discovered attacks which appear to be using a zero-day exploit (a malicious program allowing additional malware to be silently installed) for the InPage text editor.

InPage is a software package used by Urdu- and Arabic-speaking people and organizations around the world. The exploit was used in attacks against banks in several Asian and African countries.

InPage is widely used by media and print shops, as well as governmental and financial institutions, such as banks, that work with texts written in Perso-Arabic scripts.

According to the InPage website, in addition to India and Pakistan, where the software is widely used, there are thousands of users in other countries such as the UK, the US, Canada, a number of countries in the European Union, South Africa, Bangladesh, Japan and other territories.

The total number of InPage users is almost 2 million worldwide.

Attacked organizations identified by Kaspersky Lab researchers are located in Myanmar, Sri-Lanka and Uganda.

An example of a spear-hishing email containing a malicious InPage document.

The exploit is delivered to the victim via a spear-phishing email with the infected document attached. Upon successful exploitation of the vulnerability, the malware reports to a command and control server and then downloads legitimate remote access tools.

In some cases it downloads malware based on the source code of the infamous banking Trojan ZeuS. This set of tools is typical for financial cybercriminals.

The exact set of malicious instruments downloaded to the infected machine varies from victim to victim, as do the command and control servers from which the malicious tools are downloaded. This - along with a number of other artefacts makes Kaspersky Lab researchers think that the zero-day is utilized by several threat groups.

It is not the first time that we see specific "local" software used to infect victims in a cyber attack. In 2013 Kaspersky Lab researchers observed similar tactics in the attacks attributed to the Icefog campaign. That time the attacker used malicious HWP documents which are made to work with Hangul Word Processor, a proprietary word processing application used extensively in South Korea.

"The use of vulnerabilities in specific software with a relatively low global presence and a very narrow target audience is an easy-to-understand tactic. The attackers adjust their tactics to their target's behavior by developing exploits for custom software which doesn't always receive the kind of scrutiny that big software companies apply to their products. Since local software is not a common target of exploit writers, vendors are not very responsive to vulnerability reports and existing exploits remain workable for a long time," - said Denis Legezo, security expert at Kaspersky Lab GReAT.

Thanks to a wide range of technologies, users of Kaspersky Lab solutions have already been protected against this attack for quite some time - and the protection has worked well in blocking a number of malicious InPage documents. Kaspersky Lab products successfully detect the InPage exploit with the following detection name: HEUR:Exploit.Win32.Generic.

Kaspersky Lab researchers are not yet aware of any actual incidents involving the theft of money as a result of infections using the InPage exploit. However this doesn't mean that such attacks aren't happening. Therefore security specialists advise financial organizations to check their systems for the presence of these threats and to implement the following measures:

• Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.

• Instruct your staff not to open attachments or URLs in emails sent from unknown sources.

• Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these task use Vulnerability Assessment and Patch Management solutions.

• Subscribe to a professional threat intelligence service like Kaspersky Lab's APT reporting service to get instant access to actionable information on the most recent cyberattacks which may target your organization.

• Educate your staff in cybersecurity. The malware sample that enabled the discovery of the exploit was found with the help of specifically created Yara rules. Invest in the education of your security staff so that they are able to do the same on their own and therefore protect your organization from sophisticated targeted attacks.

To learn more about targeted attacks using the InPage zero-day vulnerability read the blog post on Securelist.com. (ANI)

New Delhi [India], Mar. 23 (ANI): Yaantra, a start-up that offers doorstep repair services and sells refurbished and pre owned smart-phones with warranty has now launched its first ever branded retail store in the city.

Full Story >>

New Delhi [India], Mar 24 (ANI): DataWind on Friday announced expansion in its product portfolio with the introduction of the largest smartphone in its lineup, the new MoreGMax 3G6 smartphone, with a six-inch screen priced at Rs. 5999 (approximately USD 90 USD).

Full Story >>

New Delhi [India], Mar 24 (ANI): Imagine losing all the photos, videos, messages, and documents you've stored on your computer. How much money would you be willing to pay to get it all back? Ransomware is malware that infects your computer, locks it, and demands payment for unlocking it. And the number of new ransomware has been at least doubling each year since 2013.

Full Story >>

New Delhi [India], Mar 23 (ANI): Nokia on Thursday announced the completion of the first pre-standard testing of 600MHz on commercially-available hardware, creating a test bed for terminal ecosystem development and availability.

Full Story >>

New Delhi [India], Mar. 23 (ANI): In keeping with Prime Minister Narendra Modi's vision of a 'New India', Google India and the Ministry of Electronics and Information Technology (MEITY) announced a set of initiatives aimed at empowering citizens and creating abundant opportunities for all.

Full Story >>

New Delhi [India], Mar 23 (ANI): World leader in digital security Gemalto on Thursday announced that Microsoft Azure Information Protection customers can now take advantage of the new "Hold Your Own Key" (HYOK) functionality using Gemalto's SafeNet Luna Hardware Security Modules (HSMs).

Full Story >>

New Delhi [India], Mar 23 (ANI): IBM on Thursday announced a strategic partnership to offer 'RetailSmart', an end-to-end fully integrated solution that will enable local 'Kirana' (unorganized) stores to become ecommerce ready.

Full Story >>

New Delhi [India], Mar 23 (ANI): "Where are you now?" and "What's your ETA?" Whether you're heading to a party or meeting up for dinner, you probably hear questions like this pretty often from family and friends. Soon Google Maps users worldwide will be able to answer those questions in just a few taps, without ever leaving the app.

Full Story >>

Build your brand through Snapchat!

Updated: Mar 23, 2017 12:38 IST

New Delhi [India], Mar. 23 (ANI): Oh Snap! Aren't you on Snapchat yet?

Full Story >>

New Delhi [India], Mar 22 (ANI): In the dynamic economic environment in India, businesses should focus on not just providing a good value for money product, but an equally excellent customer service experience to attract and retain customers. According to the findings of the American Express® 2017 Global Customer Service Barometer released today, 84 percent Indian consumers say the quality of customer service is very important when they're deciding to become or remain a customer.

Full Story >>

New Delhi [India], Mar.22 (ANI): Starting an online business is by no means an easy undertaking.

Full Story >>

New Delhi [India], Mar. 21 (ANI): Industry's broadest and most integrated public cloud Oracle has announced that an increasing number of global enterprises, SMBs, and ISVs are choosing the Oracle Cloud Platform to speed innovation, simplify IT, reduce costs, and deliver stellar customer experiences to easily develop, test, and deploy high-performance applications in the cloud.

Full Story >>

New Delhi [India], Mar. 21 (ANI): IBM and Red Hat, Inc. On Tuesday announced a strategic collaboration designed to help enterprises benefit from the OpenStack platform's speed and economics while more easily extending their existing Red Hat virtualized and cloud workloads to the IBM Private Cloud.

Full Story >>

New Delhi/ Bengaluru [India], Mar. 21 (ANI) LeEco has announced its exclusive partnership with Amazon, for its newly launched globally acclaimed, next generation ecotvs in India. To kick-start the partnership and incentivize consumers, several great offers have been extended which are proving to be a big hit.

Full Story >>

New Delhi [India], Mar. 21 (ANI): More than 99 percent of all malware designed for mobile devices targets Android devices, explained Olaf Pursche, Head of Communications at AV-TEST, in the F-Secure State of Cyber Security 2017.

Full Story >>

NEC joins FIWARE Foundation as platinum member

Updated: Mar 21, 2017 12:01 IST

Tokyo [Japan], Mar. 21 (ANI): NEC Corporation (NEC; TSE: 6701) has announced that it has joined the FIWARE Foundation e.V., a non-profit organization promoting the dissemination of FIWARE technology (*1), as a platinum member. NEC is the first and only Japanese company to join the foundation.

Full Story >>

Dusseldorf /Tokyo [Japan], Mar. 21 (ANI): NEC Corporation (NEC; TSE: 6701) has announced that NEC Deutschland GmbH has delivered a supercomputer utilizing NEC's scale-out LX series compute servers featuring the new Intel® Xeon® E5-2600 v4 product family, to RWTH Aachen University, one of 11 "Universities of Excellence" in Germany, offering high performance computing services for engineering and scientific research.

Full Story >>

New Delhi [India], Mar 20 (ANI): HTC Corporation, a leading innovator in mobile and virtual reality technology has announced the launch of HTC Sense Companion on its recently launched flagship smartphones HTC U Ultra and HTC U Play.

Full Story >>

New Delhi [India], Mar. 20 (ANI): The advent of smartphones within the country has brought about a paradigm change in the lifestyles of Indian consumers. But with the rise in online transactions, mobile-based banking, and the amount of personal data stored on mobile devices, there have also emerged serious questions about the security aspect. It is to address these qualms and to make mobile usage more secure for its end-users that very few brands have integrated iris scanners in their smartphones.

Full Story >>

New Delhi [India], Mar 20 (ANI): Digital clutter is growing due to an explosion in application usage and advances in the storage capacity of devices. But poor maintenance of these apps is leaving devices vulnerable to security threats. A new report by Kaspersky Lab reveals the scale of the digital clutter problem among Internet users worldwide.

Full Story >>