-> ,validPeriod= 1 -> Siverskyi together with other employees CERT Poland conducted an analysis of the activities of cyber criminals, and the results presented on Wednesday at the XIX Conference on ICT security Secure 2015. The first information about the new attack carried out by cybercriminals, which uses was the logo and name of the Polish Post, appeared in the media in May this year. E-mails allegedly reported the unclaimed consignment, but really contain a link that redirects ran the user, depending on used their web browser, a file with an .exe extension or .apk. The message contained on the website asked to download the pdf version of the file, run it on a computer, and subsequently to carry The printed version of the document to the point of pickup. In fact, Internet users are downloading to your device malicious software called TorrentLocker that encrypt files on the user’s hard drive, and for their decryption demanded a ransom. “Only in the second half of August with a fake party joined more than 15,000 unique IP addresses, most of which came from Polish. With high probability we can say that the number of 15 thousand. relates to individual users. Among them, until 6388 downloaded the malware, “- said Siverskyi. This means that the attacks were carried efficiency of above 41 percent. “This is an unusually high number for an attack of this type, especially considering the fact that in May the media widely reported the existence of such a threat on the Internet” – stated the expert. He added that in this case – which was a novelty – attacked were both users of stationary equipment and mobile. Siewierski told PAP that behind the attacks most likely is an international criminal group, which is responsible for similar activities carried out, among others, in Spain, the UK and Australia. Experts from CERT tentatively called it the “Group Post Office.” “The group name is a derivative of a departure from its schema attack, which was similar in many other countries. In each country, cybercriminals posed as company postal service using its logo and other distinctive elements” – explained expert. He pointed out that the fact that the attacks seem to be made by the same group provides not only behavior but also the use of a similar network infrastructure and related malware. Siverskyi added that the group is active, at least since 2013 and is responsible for carrying out campaigns in many countries, spreading malware. The expert stressed that against such attacks, however, can protect. “Just before the opening of the annex see where mail came to us, what is the address if we ordered a parcel or company that sends us out in Annex invoice provides services for us” – calculated Siverskyi. The organizer of conferences dedicated to the security of the Secure teleinformatycznemu is NASK. (PAP)
From 10 zł for each Electoral month and read by quarter!
CERT Poland operates within the Research and Academic Computer Network (NASK) for 19 years and monitors the risks associated with cyber security internet users in Poland . Regularly also preparing a report summarizing threats on the Internet in a given year.
No comments:
Post a Comment