Wednesday, March 27, 2013

Human Rights Activists Targeted by Hacker!!

Tibetan and Uyghur activists are once again targeted with a new malware, specially designed for Android devices. This is the first documented attack that targets Android smartphones. A targeted malware attack on Android phones that seems to come from a China IP Address. The attack relied heavily on social engineering, a kind of verbal manipulation, to hack into their targets’ devices.

 Malware seeks to steal information like contacts, call logs, and SMS of people who work in the field of human rights. A command function that shows up prior to posting stolen data to the command-and-control server at the URL: hxxp://64.78.161.133/*victims's_cell_phone_number*/process.php.

 On March 24, the attackers infiltrated the email account of a high-profile Tibetan activist, and used that account to send a spear-phishing email to their contacts list. Once the victim opens the attachment on her Android phone, the file installs an application called "conference" that will display some information about the Geneva conference. The target is reading the message, malicious software they had inadvertently installed would report back to a command-and-control server, before collecting information from the phone. 

 

Are Researcher say "The attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques."

No comments:

Post a Comment