Cyber Attacks Target Users With or Without Vulnerabilities

Buffalo, a Japanese manufacturer of storage, multimedia, and wireless networking peripherals, announced that its storage device drivers were infected by malware.

Symantec Security Response reported earlier on its blog that Japanese users have been targeted by visiting sites compromised by Infostealer.Bankeiya.B. The Buffalo drivers were found to be infected with the Bankeiya Trojan, which is made to silently steal Japanese login details, PIN numbers, and other banking data. The malware was downloaded automatically in the background, without user interaction, after the hardware driver was installed.

Symantec discovered that an installer offered on Buffalo's site was infected and downloads the main component of Infostealer.Bankeiya.B. The attackers appear to have infected the files on 27 May, which Symantec discovered three days later. In that time, the driver was downloaded a total of 856 times. Buffalo has removed the file from its support download website.

Symantec found computers targeted with CVE-2014-0322 exploit code, by region:

These websites either were modified to host the exploit code for the Internet Explorer zero-day vulnerability or were updated with the insertion of an iframe that redirects the browser to another compromised site hosting the exploit code. If the attack is successful, the exploit drops a banking Trojan that steals login details from certain banks. Symantec detects this threat as Infostealer.Bankeiya.