Evernote account used to deliver instructions to malware

[InfoSec News <alerts () infosecnews org>]

https://www.computerworld.com/s/article/9237949/Evernote_account_used_to_deliver_instructions_to_malware

By Jeremy Kirk
IDG News Service
March 28, 2013

A piece of malicious software spotted by Trend Micro uses the 
note-taking service Evernote as a place to pick up new instructions.

The malware is a backdoor, or a kind of software that allows an attacker 
to execute various actions on a hacked computer. Trend Micro found it 
tries to connect to Evernote in order to obtain new commands.

"The backdoor may also use the Evernote account as a drop-off point for 
its stolen information," wrote Nikko Tamana, a Trend Micro threat 
response engineer.

It's not unheard of for hackers to design malware to abuse legitimate 
services, either to make the malware more difficult to trace or give it 
a less suspicious profile. In the past, Twitter and Google Docs have 
been used by hackers to post instructions for their botnets.

[...]


______________________________________________
Attend #HITB2013AMS April 8th - 11th in Amsterdam.
Featuring over 42 international speakers and keynotes
by Bob Lord and Edward Schwartz http://conference.hitb.org