
Asian, African Banks are attacked using zero-day vulnerability

Updated: Nov 24, 2016 16:35 IST      

New Delhi [India], Nov.24 (ANI): Kaspersky Lab's Global Research and Analysis Team has discovered attacks which appear to be using a zero-day exploit (a malicious program allowing additional malware to be silently installed) for the InPage text editor.

InPage is a software package used by Urdu- and Arabic-speaking people and organizations around the world. The exploit was used in attacks against banks in several Asian and African countries.

InPage is widely used by media and print shops, as well as governmental and financial institutions, such as banks, that work with texts written in Perso-Arabic scripts.

According to the InPage website, in addition to India and Pakistan, where the software is widely used, there are thousands of users in other countries such as the UK, the US, Canada, a number of countries in the European Union, South Africa, Bangladesh, Japan and other territories.

The total number of InPage users is almost 2 million worldwide.

Attacked organizations identified by Kaspersky Lab researchers are located in Myanmar, Sri Lanka and Uganda.

An example of a spear-phishing email containing a malicious InPage document.

The exploit is delivered to the victim via a spear-phishing email with the infected document attached. Upon successful exploitation of the vulnerability, the malware reports to a command and control server and then downloads legitimate remote access tools.

In some cases it downloads malware based on the source code of the infamous banking Trojan ZeuS. This set of tools is typical for financial cybercriminals.

The exact set of malicious instruments downloaded to the infected machine varies from victim to victim, as do the command and control servers from which the malicious tools are downloaded. This, along with a number of other artefacts, makes Kaspersky Lab researchers think that the zero-day is utilized by several threat groups.

It is not the first time that we have seen specific "local" software used to infect victims in a cyber attack. In 2013 Kaspersky Lab researchers observed similar tactics in the attacks attributed to the Icefog campaign. That time the attacker used malicious HWP documents, which are made to work with Hangul Word Processor, a proprietary word processing application used extensively in South Korea.

"The use of vulnerabilities in specific software with a relatively low global presence and a very narrow target audience is an easy-to-understand tactic. The attackers adjust their tactics to their target's behavior by developing exploits for custom software which doesn't always receive the kind of scrutiny that big software companies apply to their products. Since local software is not a common target of exploit writers, vendors are not very responsive to vulnerability reports and existing exploits remain workable for a long time," - said Denis Legezo, security expert at Kaspersky Lab GReAT.

Thanks to a wide range of technologies, users of Kaspersky Lab solutions have already been protected against this attack for quite some time - and the protection has worked well in blocking a number of malicious InPage documents. Kaspersky Lab products successfully detect the InPage exploit with the following detection name: HEUR:Exploit.Win32.Generic.

Kaspersky Lab researchers are not yet aware of any actual incidents involving the theft of money as a result of infections using the InPage exploit. However, this doesn't mean that such attacks aren't happening. Therefore, security specialists advise financial organizations to check their systems for the presence of these threats and to implement the following measures:

• Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.

• Instruct your staff not to open attachments or URLs in emails sent from unknown sources.

• Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these tasks, use Vulnerability Assessment and Patch Management solutions.

• Subscribe to a professional threat intelligence service like Kaspersky Lab's APT reporting service to get instant access to actionable information on the most recent cyberattacks which may target your organization.

• Educate your staff in cybersecurity. The malware sample that enabled the discovery of the exploit was found with the help of specifically created Yara rules. Invest in the education of your security staff so that they are able to do the same on their own and therefore protect your organization from sophisticated targeted attacks.

To learn more about targeted attacks using the InPage zero-day vulnerability read the blog post on Securelist.com. (ANI)
