Information Security News mailing list archives

Israeli cops penetrated by army of fake generals with trojans


From: InfoSec News <alerts () infosecnews org>
Date: Wed, 31 Oct 2012 01:51:00 -0500 (CDT)

http://www.theregister.co.uk/2012/10/30/trojan_hits_israeli_cops/

By John Leyden
The Register
30th October 2012

Israeli police departments were pulled offline last Thursday following the discovery of a Trojan especially targeted at law enforcement networks in the Jewish state.

The malware was distributed using spammed messages, spoofed so that they appeared to come from the head of the Israel Defense Forces, Benny Gantz. The malicious emails contained the subject line "IDF strikes militants in Gaza Strip following rocket barrage", and a compressed .RAR file was attached. Opening the dodgy attachment on Windows machines leads to infection by the XTRAT-B Trojan (AKA Benny Gantz-59).

Samples of the malware obtained by Trend Micro suggest that the initial target of the attack was systems within the Israeli Customs agency.

"Based on our analysis, this backdoor is an Xtreme remote access Trojan (RAT) that, like all RATs, can be used to steal information and receive commands from a remote attacker," Ivan Macalintal, a threat research manager at Trend Micro, explains. "The Xtreme RAT appears to have been used in previous attacks targeting Syrian anti-government activists."

[...]

