US federal court officials have warned that hackers are emailing
phony subpoenas embedded with malicious software to high-ranking
executives to steal valuable corporate information.
Thousands of powerful US
executives have received the bogus emails that contain links which,
if clicked on, install software letting hackers take control of
computers and swipe passwords or other sensitive data.
Internet security insiders refer
to the attacks as "whaling" because they use the
social-engineering trickery involved in "phishing" but
target individual "big phish" instead of casting nets in a
sea of Internet users.
"The success rate was incredibly high," Websense Security
Labs manager Stephan Chenette told AFP.
"Most likely due to the
nature of the content and the real data, the emails had their exact
names and legal language in there that made it seem like a serious
subpoena."
The emails are crafted with the
seal of the US federal court in San Diego, California, and are
addressed to executives using their names, addresses and other
individual details.
Clicking on a link to see a
"subpoena" displays a realistic-looking document and
stealthily installs malicious computer code on the reader's
computer.
"When the recipient tries to
view the document, they unwittingly download and install software
that secretly records keystrokes and sends the data to a remote
computer over the Internet," court officials said in their
warning.
"This enables criminals to
capture passwords and other personal or financial information and
starts software that allows the computer to be controlled
remotely."
Subpoenas in the United States
are usually served in person to assure judges that the orders from
courts have been properly received by those named.
US investigators believe the
hackers are not familiar with the court system because the website
executives are directed to uses a "uscourts.com"
domain name while actual court online addresses typically end in
".gov."
Aspects of writing in the
messages appear British, according to police.
Among the targets have been
executives at banking giant Citibank, Time Warner-owned America
Online and Internet auction house eBay, according to the courts.
The hackers likely obtained
confidential information about intended victims that was stolen or gathered
in the Internet's underworld.
"In the malicious community
there is a lot of buying and selling of credit card and other
information," Chenette said.
"Attackers buy cell phone
numbers, home addresses and other specifics about people. In this
case they were identifying and going after larger executives."
There is a trend toward more
convincing, targeted "whaling" attacks, according to
Chenette, who says to be wary of supposed court or tax department
emails.
Trick emails with giveaway
spelling errors of the kind that gave "phishing" its name
are giving way to well-crafted, believable messages honed using
confidential information about targets.
"The future of spam is to
become more evasive and successful," Chenette said. "It is
always a cat and mouse game ... a very real game."
--AFP