Our Latest Online Backup Reviews:Vembu SyncBlaze
Industry LinksTools and Graphs
WOBURN, MA – November 10, 2014 — /BackupReview.info/ – The Kaspersky Lab Global Research and Analysis Team researched the “Darkhotel” espionage campaign, which has lurked in the shadows for at least four years while stealing sensitive data from selected corporate executives travelling abroad. Darkhotel hits its targets while they are staying in luxury hotels. The crew never goes after the same target twice; they operation with surgical precision, obtaining all the valuable data they can from the first contact, deleting traces of their work and fading into the background to await the next high profile target. The most recent travelling targets include top executives from the USA and Asia doing business and investing in the APAC region: CEOs, senior vice presidents, sales and marketing directors and top R&D staff. This threat actor is still active, Kaspersky Lab warns. (Tweet this)
How Darkhotel Attacks
Once on a system, the backdoor has been and may be used to further download more advanced stealing tools: a digitally-signed advanced keylogger, the Trojan ‘Karba’ and an information-stealing module. These tools collect data about the system and the anti-malware software installed on it, steal all keystrokes, and hunt for cached passwords in Firefox, Chrome and Internet Explorer; login credentials for Gmail Notifier, Twitter, Facebook, Yahoo! and Google; and other private information. Victims lose sensitive information likely to be the intellectual property of the business entities they represent. After the operation, the attackers carefully delete their tools from the hotel network and go back into hiding.
Commenting on Darkhotel, Kurt Baumgartner, principal security researcher at Kaspersky Lab, said, “For the past few years, a strong actor named Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behavior. This threat actor has operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision.”
However, the malicious activity of Darkhotel can be inconsistent: it is indiscriminate in its spread of malware alongside its highly targeted attacks.
“The mix of both targeted and indiscriminate attacks is becoming more and more common in the APT scene, where targeted attacks are used to compromise high profile victims, and botnet-style operations are used for mass surveillance or performing other tasks such as DDoSing hostile parties or simply upgrading interesting victims to more sophisticated espionage tools,” added Kurt.
How to Outsmart Darkhotel
About Kaspersky Lab
The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2013. The rating was published in the IDC report “Worldwide Endpoint Security 2014–2018 Forecast and 2013 Vendor Shares (IDC #250210, August 2014). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2013.
Securelist | Information about Viruses, Hackers and Spam
Threatpost | The First Stop for Security News
General Tags: top rated online backups, SaaS, online file storage, cloud computing, software as a service, online file backup, online backup companies, online backup news, online backup reviews, online data backup, CEO interviews, backing up online, data storage, compare online backups, online backup, data security, online backup providers directory, online backup services
Like us on Facebook
Sponsored Links:Data Deposit Box Asigra Bacula Systems