Stabuniq malware found on servers at U.S. financial institutions
The malware appears to just be performing reconnaissance for now
IDG News Service - Security researchers from Symantec have identified an information-stealing Trojan program that was used to infect computer servers belonging to various U.S. financial institutions.
Dubbed Stabuniq, the Trojan program was found on mail servers, firewalls, proxy servers, and gateways belonging to U.S. financial institutions, including banking firms and credit unions, Symantec software engineer Fred Gutierrez said Friday in a blog post.
"Approximately half of unique IP addresses found with Trojan.Stabuniq belong to home users," Gutierrez said. "Another 11 percent belong to companies that deal with Internet security (due, perhaps, to these companies performing analysis of the threat). A staggering 39 percent, however, belong to financial institutions."
Based on a map showing the threat's distribution in the U.S. that was published by Symantec, the vast majority of systems infected with Stabuniq are located in the eastern half of the country, with strong concentrations in the New York and Chicago areas.
Compared to other Trojan programs, Stabuniq infected a relatively small number of computers, which seems to suggest that its authors might have targeted specific individuals and organizations, Gutierrez said.
The malware was distributed using a combination of spam emails and malicious websites that hosted Web exploit toolkits. Such toolkits are commonly used to silently install malware on Web users' computers by exploiting vulnerabilities in outdated browser plug-ins like Flash Player, Adobe Reader or Java.
Once installed, the Stabuniq Trojan program collects information about the compromised computer, like its name, running processes, OS and service pack version, assigned IP (Internet Protocol) address and sends this information to command-and-control (C&C) servers operated by the attackers.
"At this stage we believe the malware authors may simply be gathering information," Gutierrez said.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Something-something “LASER” something-something-something.
The MtGox Bitcoin exchange is bankrupt. Not a huge surprise, but insiders are also alleging chronic incompetence within the company, flowing from the CEO, Mark Karpeles. Supposed hackers have also leaked some PHP code that appears to substantiate those allegations. But could it all be an elaborate ruse to steal customers'
MtGox Co., Ltd. is now aiming for "civil rehabilitation" in a Tokyo District Court (similar to Chapter 11 bankruptcy protection in the U.S.).
In IT Blogwatch, bloggers release the frickin’ ill-tempered, mutated sea bass.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Accelerating Speed to Market in the Highly Competitive Automotive Industry
- This White Paper discusses how an Enterprise Project Portfolio Management solution optimizes project analysis, management, reporting and risk mitigation processes to accelerate new...
- ERP in the Cloud and the Modern Business
- View IDC's White Paper, to review IDC CloudTrack Survey findings, gain expert insight into the challenges and opportunities the cloud presents, and determine...
- Financial Security: What smaller Institutions can learn from DDoS attacks on big banks
- Since last fall, several waves of distributed denial of service (DDoS) attacks have targeted major players in the U.S. banking industry. JPMorgan Chase,...
- Gartner 2013 Magic Quadrant for Enterprise Backup/Recovery Software
- See why CommVault was positioned as the #1 leader in Gartner's 2013 Magic Quadrant for Enterprise Backup/Recovery software for the 3rd year in... All Financial IT White Papers
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
- Top 8 Communications Tools for Small Businesses Powerful technology is available to help your small business improve its communications with customers, employees and suppliers. View this free On-Demand Webcast produced...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- All Financial IT Webcasts