30 July 2007 | 4,518 views

Hackers Steal U.S. Government Corporate Data from PCs – AGAIN


Seems like another social engineering attack, again relying on human ignorance and stupidity, and based around some kind of malware reporting back to a central repository.

Remember kids, if a deal is too good to be true… it isn’t.

Hackers stole information from the U.S. Department of Transportation and several U.S. companies by seducing employees with fake job-listings on advertisements and e-mail, a computer security firm said.

The victims include consulting firm Booz Allen, computer services company Unisys Corp, computer maker Hewlett-Packard Co and satellite network provider Hughes Network Systems, a unit of Hughes Communications Inc, said Mel Morris, chief executive of British Internet security provider Prevx Ltd.

Of the list, only Unisys acknowledged that viruses had been detected and removed from two PCs, saying no information had been leaked. A Department of Transportation spokeswoman said the agency could not find any indication of a breach and a spokeswoman for Hughes said she was unaware of any breaches.

They were fairly selective about their targets, which meant they stayed under the radar for some time.

Prevx said the malware it identified uses a program named NTOS.exe that probes PCs for confidential data, then sends it to a Web site hosted on Yahoo Inc. That site’s owner is likely unaware it is being used by hackers, Morris said.

He believes the hackers have set up several “sister” Web sites that are collecting similar data from other squadrons of malware. It was not clear whether the hackers used any information stolen from more than 1,000 PCs.

The hackers only targeted a limited group of computers, which kept traffic down and allowed them to stay under the radar of security police, who tend to identify threats when activity reaches a certain level.

The fact is that off-the-shelf AV solutions CANNOT detect custom malware. This has been known for a long time, but it has never really sunk in with the people in charge.

A little bit of programming and a little bit of imagination and most companies can still be owned with a custom trojan.

Source: Reuters
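The article's point that a small, targeted infection stays below activity thresholds can be shown with detection logic run over sample events: a volume threshold compared with a prevalence count of which process talks to which destination on how many hosts. This is an added example, not code from the original post or from Prevx; the event format, host names, domains and thresholds are constructed assumptions, and only the file name NTOS.exe comes from the article.

```python
from collections import defaultdict

# Constructed sample events (host, process, destination, bytes_out); not real telemetry.
# NTOS.exe is the file name reported in the article; every other value is a placeholder.
def build_events():
    events = []
    for i in range(200):                      # common software seen on the whole fleet
        events.append((f"pc{i:03d}", "iexplore.exe", "intranet.corp.example", 40_000))
        events.append((f"pc{i:03d}", "updater.exe", "updates.vendor.example", 900_000))
    for host in ("pc017", "pc142"):           # two hosts with a small, quiet upload
        events.append((host, "NTOS.exe", "members.freehost.example", 6_000))
    return events

def volume_alerts(events, min_bytes=50_000_000):
    """Threshold detection: alert when total bytes to a destination pass a level."""
    total = defaultdict(int)
    for _host, _proc, dest, sent in events:
        total[dest] += sent
    return sorted(d for d, b in total.items() if b >= min_bytes)

def rare_pairs(events, max_hosts=3):
    """Prevalence detection: (process, destination) pairs seen on very few hosts."""
    hosts = defaultdict(set)
    for host, proc, dest, _sent in events:
        hosts[(proc.lower(), dest)].add(host)
    return sorted((pair, sorted(h)) for pair, h in hosts.items() if len(h) <= max_hosts)

if __name__ == "__main__":
    ev = build_events()
    # The threshold fires only on the bulky, benign updater traffic.
    print("volume alerts:", volume_alerts(ev))
    # The prevalence count surfaces the process that only two machines run.
    for (proc, dest), seen_on in rare_pairs(ev):
        print(f"rare: {proc} -> {dest} on {seen_on}")
```

A rare process and destination pair is a lead for an analyst to review, not a verdict; legitimate niche software shows up in the same list.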





                


9 Responses to “Hackers Steal U.S. Government Corporate Data from PCs – AGAIN”

  1. Sandeep Nain 30 July 2007 at 12:38 pm

    and what was the excuse this time??

    well no doubt hackers are becoming smarter every day… but a little more hard work and security awareness would have done the job…

  2. SN 30 July 2007 at 12:49 pm

    Hackers might be becoming smarter .. but how about users? we don’t live in a world where it is ok to be naive.

  3. backbone 30 July 2007 at 1:08 pm

    A little bit of programming and a little bit of imagination and most companies can still be owned with a custom trojan.

    you are right Darknet… I bet even 29A (which is a VX group) would write an undetectable trojan for some cash =)

  4. TheRealDonQuixote 30 July 2007 at 10:32 pm

    @BackBone
    You can find source codes and multiple variants for trojans, worms and other assorted malware and “hack tools” at VX Chaos File Server. Check in the “Unknown Malware” and “Uploads” sections for the naughty stuff that no one has even seen yet!! No cash needed.

    There is also, leetupload.com, but they haven’t been in the VX trading and collecting game nearly as long as Azag over at VXChaos. VXhavens is another hot spot for the l33t s**t.

  5. backbone 30 July 2007 at 10:40 pm

    TheRealDonQuixote VXheavens is my favorite VX website, if you would have searched a bit the website you would have seen my tiny com virus there ;)

  6. Sandeep Nain 30 July 2007 at 11:39 pm

    SN: Yes you are right, that’s why some more hard work and security awareness is needed to keep these smart hackers away…

    MPV: You are right… it’s not the first time US govt has been exposed… I hope they start keeping an eye on such vulnerabilities and start some (in)security awareness programme for their staff.

  7. Nobody_Holme 1 August 2007 at 3:41 pm

    Does any US government agency have good security?
    I ask this because I’m actually worried how many people have access to serious military hardware…
    Anyway, there’s no way you can scan for every possible script all the time, or that’s all your servers will be doing, therefore almost anyone will be ownable (is that a word) with a custom script, in theory.

  8. moons 1 August 2007 at 4:09 pm

    Ouch. That’s gotta be a pain. Contrary to it, I don’t think Department of Defense data or military ops would be so easy though. I’m sure they probably have good hierarchies for anyone trying to access. and probably even paranoid filters.