Information Security News mailing list archives
Evernote account used to deliver instructions to malware
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 29 Mar 2013 03:08:42 -0500 (CDT)
https://www.computerworld.com/s/article/9237949/Evernote_account_used_to_deliver_instructions_to_malware By Jeremy Kirk IDG News Service March 28, 2013A piece of malicious software spotted by Trend Micro uses the note-taking service Evernote as a place to pick up new instructions.
The malware is a backdoor, or a kind of software that allows an attacker to execute various actions on a hacked computer. Trend Micro found it tries to connect to Evernote in order to obtain new commands.
"The backdoor may also use the Evernote account as a drop-off point for its stolen information," wrote Nikko Tamana, a Trend Micro threat response engineer.
It's not unheard of for hackers to design malware to abuse legitimate services, either to make the malware more difficult to trace or give it a less suspicious profile. In the past, Twitter and Google Docs have been used by hackers to post instructions for their botnets.
[...] ______________________________________________ Attend #HITB2013AMS April 8th - 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org
Current thread:
- Evernote account used to deliver instructions to malware InfoSec News (Mar 29)