Mon, Aug 21, 2017 | updated 06:54 AM IST

Asian, African Banks are attacked using zero-day vulnerability

Updated: Nov 24, 2016 16:35 IST      
Asian, African Banks are attacked using zero-day vulnerability

New Delhi [India], Nov.24 (ANI): Kaspersky Lab's Global Research and Analysis Team has discovered attacks which appear to be using a zero-day exploit (a malicious program allowing additional malware to be silently installed) for the InPage text editor.

InPage is a software package used by Urdu- and Arabic-speaking people and organizations around the world. The exploit was used in attacks against banks in several Asian and African countries.

InPage is widely used by media and print shops, as well as governmental and financial institutions, such as banks, that work with texts written in Perso-Arabic scripts.

According to the InPage website, in addition to India and Pakistan, where the software is widely used, there are thousands of users in other countries such as the UK, the US, Canada, a number of countries in the European Union, South Africa, Bangladesh, Japan and other territories.

The total number of InPage users is almost 2 million worldwide.

Attacked organizations identified by Kaspersky Lab researchers are located in Myanmar, Sri-Lanka and Uganda.

An example of a spear-hishing email containing a malicious InPage document.

The exploit is delivered to the victim via a spear-phishing email with the infected document attached. Upon successful exploitation of the vulnerability, the malware reports to a command and control server and then downloads legitimate remote access tools.

In some cases it downloads malware based on the source code of the infamous banking Trojan ZeuS. This set of tools is typical for financial cybercriminals.

The exact set of malicious instruments downloaded to the infected machine varies from victim to victim, as do the command and control servers from which the malicious tools are downloaded. This - along with a number of other artefacts makes Kaspersky Lab researchers think that the zero-day is utilized by several threat groups.

It is not the first time that we see specific "local" software used to infect victims in a cyber attack. In 2013 Kaspersky Lab researchers observed similar tactics in the attacks attributed to the Icefog campaign. That time the attacker used malicious HWP documents which are made to work with Hangul Word Processor, a proprietary word processing application used extensively in South Korea.

"The use of vulnerabilities in specific software with a relatively low global presence and a very narrow target audience is an easy-to-understand tactic. The attackers adjust their tactics to their target's behavior by developing exploits for custom software which doesn't always receive the kind of scrutiny that big software companies apply to their products. Since local software is not a common target of exploit writers, vendors are not very responsive to vulnerability reports and existing exploits remain workable for a long time," - said Denis Legezo, security expert at Kaspersky Lab GReAT.

Thanks to a wide range of technologies, users of Kaspersky Lab solutions have already been protected against this attack for quite some time - and the protection has worked well in blocking a number of malicious InPage documents. Kaspersky Lab products successfully detect the InPage exploit with the following detection name: HEUR:Exploit.Win32.Generic.

Kaspersky Lab researchers are not yet aware of any actual incidents involving the theft of money as a result of infections using the InPage exploit. However this doesn't mean that such attacks aren't happening. Therefore security specialists advise financial organizations to check their systems for the presence of these threats and to implement the following measures:

• Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.

• Instruct your staff not to open attachments or URLs in emails sent from unknown sources.

• Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these task use Vulnerability Assessment and Patch Management solutions.

• Subscribe to a professional threat intelligence service like Kaspersky Lab's APT reporting service to get instant access to actionable information on the most recent cyberattacks which may target your organization.

• Educate your staff in cybersecurity. The malware sample that enabled the discovery of the exploit was found with the help of specifically created Yara rules. Invest in the education of your security staff so that they are able to do the same on their own and therefore protect your organization from sophisticated targeted attacks.

To learn more about targeted attacks using the InPage zero-day vulnerability read the blog post on Securelist.com. (ANI)

Top six apps enable students to earn pocket money

Updated: Aug 19, 2017 17:26 IST     

New Delhi [India], Aug 19 (ANI): Nowadays students can earn their pocket money by their own with the help of these top six applications.

Full Story >>

New Delhi [India], Aug 19 (ANI): Is it that time of age when the concept of 'Savings' dawns to you, when we find taxes and jargons way too taxing themselves. When savings don't happen in plenty but scanty! When scoring the best deal gets to be the biggest deal. Well, we bring to you top five apps which will help families make better choices and save the most.

Full Story >>

New Delhi [India], Aug 19 (ANI): Senior citizens are often left out of the loop when it comes to technology.

Full Story >>

Android users can now preview videos in Google search results

Updated: Aug 19, 2017 11:52 IST     

New York [USA], August 19 (ANI): Tech giant Google will soon incorporate video results for its search engine users, with the introduction of its new 'video preview' feature.

Full Story >>

Now, you can 'YouTube' breaking news

Updated: Aug 19, 2017 10:02 IST     

New York [USA], August 19 (ANI): Keeping up with the 'news-on-the-go' culture, the online video platform, YouTube, will now have a separate section on its homepage and mobile app dedicated to breaking news videos from around the world.

Full Story >>

New Delhi [India], Aug 18 (ANI): Spreadtrum unveiled complete series of high-performance LTE SoC platforms and its innovative solutions on mobile communication and IoT (automotive terminal, broadband communication and financial security) in the 2017 Global Partners Conference, "Infinite Chip, Infinite Intelligence", in China's Shenzhen.

Full Story >>

London [United Kingdom], Aug.18 (ANI): Kaspersky Lab researchers have discovered a new modification of the well-known mobile banking Trojan Faketoken, which has been developed and is now able to steal credentials from popular taxi applications.

Full Story >>

New Delhi [India], Aug 18 (ANI): Imagine a world where everything is interconnected and all devices can talk to each other to help you lead a more efficient and smarter life. An alarm clock that wakes you up earlier if your phone foresees traffic through maps; as soon as you wake up, the geyser is switched on and the milk delivery notified, you get ready while the system reads your schedule and books a cab for your conveyance; your health data is recorded and analysed on a regular basis and any small anomaly triggers a suggestion for a visit to a doctor; your go to retail store recognises your facial features the next time you visit and automatically suggests your shopping list based on your past preferences and usage in your fridge!

Full Story >>

Freshworks launches Freshteam, a CRM for recruiters

Updated: Aug 18, 2017 12:23 IST     

San Bruno (California) [United States], Aug.18 (ANI-Businesswire India): Freshworks, the leading provider of cloud-based business software, today announced the launch of Freshteam, a recruitment management software that empowers businesses to efficiently organize their talent acquisition function, engage with candidates, and better align the human resources organization to business goals. Freshteam's flexible hiring workflows and intuitive design make it a great fit for businesses of all sizes.

Full Story >>

Axilor graduates largest accelerator cohort of 20 startups

Updated: Aug 18, 2017 12:02 IST     

Bangalore (Karnataka) [India], Aug.18 (ANI-Businesswire India): Axilor Ventures has launched a call for applications for its sixth accelerator batch.

Full Story >>

New Delhi [India], Aug 17 (ANI): Schneider Electric, in partnership with IDC (International Data Corporation), released a white paper that highlights the pressing need for Indian utilities to embark on the technological advancements.

Full Story >>

New Delhi [India], August 17 (ANI): Kaspersky Lab experts recently detected one the largest known supply-chain attacks, ShadowPad, before it could threaten the security of hundreds of organisations worldwide.

Full Story >>

Nokia's flagship Android device, soon at a store near you!

Updated: Aug 17, 2017 09:15 IST     

New Delhi [India], August 17 (ANI): The much-awaited Nokia 8, which was launched in London by HMD Global, is all set to hit the market in early September this year, and is reportedly entering the Indian market early October.

Full Story >>

London [United Kingdom], Aug.16 (ANI): The make-up of the modern home is changing, bringing with it a new era of household 2.0 which, on average, cares for 2.4 people , 0.3 pets and now also 6.3 connected devices per home.

Full Story >>

New Delhi [India], August 16 (ANI): ASUS Republic of Gamers (ROG) on Wednesday announced the launch of Zephyrus, the world's slimmest gaming laptop powered by a seventh generation Intel Core i7 (Kaby Lake) processor and the latest NVIDIA GeForce GTX 1080 graphics, and priced at Rs. 2,99,990.

Full Story >>

New Delhi [India], August 16 (ANI): In the recent past, devices have become seemingly important in an average household, be it to cater to one's parents, children, home needs or even their pets. This new 'Household 2.0' era is set to be fueled further with the latest updates on Kaspersky Lab's flagship home security solutions, Kaspersky Internet Security and Kaspersky Total Security.

Full Story >>

Honor 8 Pro conferred with EISA Consumer Smartphone award

Updated: Aug 16, 2017 15:16 IST     

New Delhi [India], August 16 (ANI): Smartphone aggregator Honor received an accolade from the European Imaging and Sound Association (EISA), which bestowed on Honor 8 Pro, the 'EISA Consumer Smartphone 2017 - 2018' Award.

Full Story >>

eMudhra registers 20 mn eSigns within two years

Updated: Aug 16, 2017 13:53 IST     

New Delhi [India], August 16 (ANI): eMudhra, a digital identity and transaction management space on Wednesday announced that it has received issuance of over 20 million eSigns, since its inception in July 2015, surpassing its 2.5 million eSigns target which was set at the end of 2016.

Full Story >>

New Delhi [India], Aug 16 (ANI): PeopleStrong today announced the selection of Amazon Web Services (AWS) as its preferred cloud infrastructure provider. PeopleStrong is one of the fastest growing HR Technology and Solutions companies in India, with over 175 customers spread across all major industries.

Full Story >>

Google unveils Allo for Chrome, exclusively for Android users

Updated: Aug 16, 2017 10:10 IST     

New York [U.S.A.], August 16 (ANI): Tech-giant Google has unveiled 'Allo', its smart messaging app on its Chrome web browser, exclusively for its Android user base.

Full Story >>