
Asian, African Banks are attacked using zero-day vulnerability

Updated: Nov 24, 2016 16:35 IST      

New Delhi [India], Nov. 24 (ANI): Kaspersky Lab's Global Research and Analysis Team has discovered attacks which appear to be using a zero-day exploit (a malicious program allowing additional malware to be silently installed) for the InPage text editor.

InPage is a software package used by Urdu- and Arabic-speaking people and organizations around the world. The exploit was used in attacks against banks in several Asian and African countries.

InPage is widely used by media and print shops, as well as governmental and financial institutions, such as banks, that work with texts written in Perso-Arabic scripts.

According to the InPage website, in addition to India and Pakistan, where the software is widely used, there are thousands of users in other countries such as the UK, the US, Canada, a number of countries in the European Union, South Africa, Bangladesh, Japan and other territories.

The total number of InPage users is almost 2 million worldwide.

Attacked organizations identified by Kaspersky Lab researchers are located in Myanmar, Sri Lanka and Uganda.

An example of a spear-phishing email containing a malicious InPage document.

The exploit is delivered to the victim via a spear-phishing email with the infected document attached. Upon successful exploitation of the vulnerability, the malware reports to a command and control server and then downloads legitimate remote access tools.

In some cases it downloads malware based on the source code of the infamous banking Trojan ZeuS. This set of tools is typical for financial cybercriminals.

The exact set of malicious instruments downloaded to the infected machine varies from victim to victim, as do the command and control servers from which the malicious tools are downloaded. This, along with a number of other artefacts, makes Kaspersky Lab researchers think that the zero-day is utilized by several threat groups.

It is not the first time that we see specific "local" software used to infect victims in a cyber attack. In 2013 Kaspersky Lab researchers observed similar tactics in the attacks attributed to the Icefog campaign. That time the attacker used malicious HWP documents which are made to work with Hangul Word Processor, a proprietary word processing application used extensively in South Korea.

"The use of vulnerabilities in specific software with a relatively low global presence and a very narrow target audience is an easy-to-understand tactic. The attackers adjust their tactics to their target's behavior by developing exploits for custom software which doesn't always receive the kind of scrutiny that big software companies apply to their products. Since local software is not a common target of exploit writers, vendors are not very responsive to vulnerability reports and existing exploits remain workable for a long time," said Denis Legezo, security expert at Kaspersky Lab GReAT.

Thanks to a wide range of technologies, users of Kaspersky Lab solutions have already been protected against this attack for quite some time - and the protection has worked well in blocking a number of malicious InPage documents. Kaspersky Lab products successfully detect the InPage exploit with the following detection name: HEUR:Exploit.Win32.Generic.

Kaspersky Lab researchers are not yet aware of any actual incidents involving the theft of money as a result of infections using the InPage exploit. However, this doesn't mean that such attacks aren't happening. Therefore, security specialists advise financial organizations to check their systems for the presence of these threats and to implement the following measures:

• Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.

• Instruct your staff not to open attachments or URLs in emails sent from unknown sources.

• Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these tasks, use Vulnerability Assessment and Patch Management solutions.

• Subscribe to a professional threat intelligence service like Kaspersky Lab's APT reporting service to get instant access to actionable information on the most recent cyberattacks which may target your organization.

• Educate your staff in cybersecurity. The malware sample that enabled the discovery of the exploit was found with the help of specifically created Yara rules. Invest in the education of your security staff so that they are able to do the same on their own and therefore protect your organization from sophisticated targeted attacks.

To learn more about targeted attacks using the InPage zero-day vulnerability read the blog post on Securelist.com. (ANI)
