Hackers hitting NGOs with backdoor attacks 

Hackers may be targeting non-government organizations with a series of backdoor attacks, a computer security firm warned this week.

Trend Micro said it has found evidence that Amnesty International (AI), whose UK website was attacked recently, is “not the only intended target for the attack.”

“Based on our investigation, it seems that the initially reported affected organization is just one of the targets in this attack and that the attack itself is fashioned specifically for the targets,” it said in a blog post.

It cited earlier reports the attack on AI’s website involved an iframe that redirected users to another compromised site in Brazil.

The site executed a malicious Java applet detected as JAVA_DLOAD.ZZC, which exploits vulnerability in Java.

According to Trene Micro, the attack drops BKDR_PPOINTER.SM, which connects to a certain URL to send and receive commands from the attacker.

“It is also capable of gathering certain information about the affected system,” Trend Micro said.

A separate blog post by security researcher Brian Krebs late December said AI’s homepage in the United Kingdom had served malware that exploits a recently-patched vulnerability in Java.

“Security experts say the attack appears to be part of a nefarious scheme to target human rights workers,” he said.

via Hackers hitting NGOs with backdoor attacks  | GMA News Online | The Go-To Site for Filipinos Everywhere.


About gatoMalo

I am a veteran served on the USS Saratoga. After the military I worked on computers for the last 30 or so years. I worked as a hardware, software, network, email, groupware developer and security dude. I am now an abuelo. I belive in guarding the guards. We are all citizen warriors for our country the 5th battlefield is Cyber Space so here I am. Later, quis custodiet ipsos custodes? View all posts by gatoMalo

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: