
Tuesday, January 28, 2014

Amtel Infographic about Zombie Phone Killer

Zombie phones are mobile devices that the enterprise thinks are dead, but they're actually still alive and potentially costing companies a considerable amount of money. The infographic below, created by Amtel, shows how zombie phones manifest themselves, how costly they can be to organizations, and how to put a stop to this madness with Mobile Device Management (MDM). Find out more about Amtel's MDM solution, including how it can kill zombie phones and save your enterprise money.

Thursday, January 16, 2014

“Javafog” Discovered: A Java Version of Icefog Malware

Security firm Kaspersky recently reported that it has discovered a new variant of the Icefog malware targeting government agencies and several high-profile companies, specifically an American independent oil and gas corporation.

Icefog is a backdoor that gives hackers access to basic key information about an infected system and allows attackers to monitor and control infected PCs. It can also upload, download and install other forms of malware for various purposes, the main one being to steal or edit data on the computer system.

Kaspersky Lab experts Costin Raiu, VitalyK and Igor Soumenkov called it “Javafog”. The malware is written in Java and is extremely tough to detect. It includes only basic functionality, such as uploading and downloading files from infected systems: a simple yet very effective method of stealing information.

In September 2013, Kaspersky Lab published an extensive analysis of Icefog and continued to monitor the operation by sinkholing domains and analyzing victim connections. During this monitoring, they discovered a type of connection that seemed to indicate a Java version of Icefog.

Javafog uses the same payloads as the original Icefog campaign; it installs other specific malware on a victim’s computer, allowing communication with Icefog C&C servers. The main difference between them is that Javafog is written in Java. Kaspersky has confirmed that evidence suggests various major US corporations may have already been affected by Javafog. Kaspersky managed to sinkhole 27 of 72 different C&C servers.

Javafog Malware

“The Javafog malware is harder to track than its original variant. Java malware is not as popular as Windows Preinstallation Environment (PE) malware, and can be harder to spot,” the Kaspersky team said.

Security firm Trusteer advised that to prevent Java exploits and malware-based infiltrations, it is important to restrict execution to only known trusted Java files.
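One way to audit a host against the restriction Trusteer describes, as an added example that is not from the original post, Trusteer or Kaspersky. The SHA-256 allowlist approach, the content-based archive detection, and every file name below are assumptions, and the sample files are constructed.

```python
import hashlib
import zipfile
from pathlib import Path

def is_java_archive(path):
    """Detect a JAR by content (ZIP with a manifest or .class entries), not by extension."""
    if not zipfile.is_zipfile(path):
        return False
    with zipfile.ZipFile(path) as zf:
        names = zf.namelist()
    return "META-INF/MANIFEST.MF" in names or any(n.endswith(".class") for n in names)

def sha256_of(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def find_untrusted_jars(root, trusted_hashes):
    """Return Java archives under root whose SHA-256 is not on the allowlist."""
    untrusted = []
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        try:
            if is_java_archive(path) and sha256_of(path) not in trusted_hashes:
                untrusted.append(path)
        except (OSError, zipfile.BadZipFile):
            untrusted.append(path)  # unreadable or corrupt archive: fail closed
    return untrusted

def build_sample_tree(root):
    """Constructed sample data: one approved JAR, one unknown Java archive
    with a misleading extension, and one plain text file."""
    root = Path(root)
    approved = root / "approved-tool.jar"
    with zipfile.ZipFile(approved, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("Tool.class", b"\xca\xfe\xba\xbe constructed A")
    with zipfile.ZipFile(root / "update.dat", "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("Unknown.class", b"\xca\xfe\xba\xbe constructed B")
    (root / "notes.txt").write_text("not an archive")
    return {sha256_of(approved)}  # allowlist holds only the approved JAR

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        allowlist = build_sample_tree(tmp)
        for jar in find_untrusted_jars(tmp, allowlist):
            print("untrusted Java archive:", jar.name)
```

This only reports archives that are not on the allowlist; blocking their execution still needs an enforcement control such as application whitelisting on the endpoint.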