New McAfee report reviews 30 years of advances in evasion techniques

The report provides a broad study of how the Fareit credential-stealing malware collects login data.
McAfee today unveiled its new report, McAfee Labs Threats Report: June 2017, which provides a broad study of how the Fareit malware steals login credentials, reviews 30 years of advances in the evasion techniques used by malware authors, and examines the information-hiding methods (steganography) used as advanced evasion techniques.

The report also highlights attacks reported across all sectors and reveals trends in malware, mobile malware, ransomware and other security threats during the first quarter of 2017.

“There are hundreds, if not thousands, of circumvention and evasion techniques used by hackers and malware authors, and they can easily be bought on the Dark Web (DarkNet); they are used against security tools, sandbox mechanisms and security analysis processes,” said Vincent Weafer, vice president of McAfee Labs. “This quarter’s report shows us how evasion has evolved from mere attempts to hide simple threats on a small scale, to hiding complex threats targeting enterprise environments for long periods of time, to entirely new models of evasion techniques aimed at protection mechanisms based on machine learning.”

30 years of evasion techniques used to spread malware

Malware developers began experimenting with ways of evading and circumventing security products in the early 1980s, when a piece of malware managed to hide itself by partially encrypting its own code, making its content unreadable to security analysts. The term “evasion techniques” covers all methods malware uses to avoid security detection and analysis. McAfee classifies these evasion techniques into three main categories:

Anti-security techniques: used to avoid detection by anti-malware engines, firewalls, application containment software or other endpoint protection tools.

Anti-sandbox techniques: used to detect automated analysis and to avoid the engines that report on malware behavior. These techniques can also determine whether the malware is being monitored in a sandbox by detecting registry keys, files or processes related to virtual environments.

Anti-analyst techniques: used to detect and deceive security analysts, for example by detecting monitoring and analysis tools such as Process Explorer or Wireshark, and by using tricks against process monitoring, packet analysis or obfuscation tools to hinder reverse engineering.

McAfee’s June 2017 report also reviews some of the most powerful circumvention and evasion techniques, the widespread sale of these technologies on the Dark Web, how a wide range of sophisticated malware has been able to benefit from evasion techniques, and what can be expected from future developments such as techniques based on artificial intelligence or those that rely on hardware.

Hidden and unseen: security threats concealed through steganography

Steganography is the art or science of hiding secret messages; in the digital world it is the process of hiding messages in images, audio tracks, videos or even text files. Malware authors often use this art to avoid detection by protection systems. The first known use of steganography in malware was Duqu in 2011.

When a digital image is used, the secret information is inserted through a specific embedding algorithm and the image is then transferred to the target system, where the information is extracted and processed by malicious code. Such a modified image is often hard to detect by the human eye or even with security protection tools. According to McAfee, the most advanced variant of this evasion method is network steganography, which hides data inside IP packets. Because this method is so widely usable, attackers can send an unlimited amount of information and spread it across the entire network.

Fareit: the most notorious password-stealing malware

Fareit malware first appeared in 2011 and has since seen major developments in several respects, including new attack vectors, improved internal architecture, and new ways to evade analysis and detection. There is growing consensus that Fareit, which targets credentials, is now the most notorious password-stealing malware, and it is likely to have been used as part of the sophisticated attack on the Democratic National Committee before the 2016 US presidential election.

Fareit is distributed through many mechanisms, such as phishing e-mail messages, DNS poisoning, or exploit kits that target web servers. The victim receives unwanted spam mail containing a Word document, a JavaScript file, or an attached archive file. Once the victim opens the attachment, Fareit infects the system, sends all stolen data to the server that controls it, and then downloads additional malware to the target device.

The 2016 intrusion into the Democratic National Committee was seen as part of the Grizzly Steppe malware campaign. McAfee identified Fareit in the list of attack indicators published in the US government’s Grizzly Steppe report. Fareit is believed to have been customized for the attack on the Democratic National Committee and was delivered by malicious Word files distributed during a wide-ranging spam campaign.

The information on this attack indicates that the Fareit server used in it has not been observed in other attacks carried out with this malware, and other techniques were likely used alongside Fareit in the Democratic National Committee attack with the aim of stealing e-mail, FTP or other critical credentials. McAfee also suspects that Fareit downloaded other sophisticated threats such as OnionDuke or Vawtrak onto victim systems to carry out further attacks.

“As users, companies and even governments increasingly rely on password-protected systems and devices, credentials remain vulnerable to theft and an attractive target for cybercriminals,” Weafer said. “McAfee expects password-stealing techniques to see significant developments until two-factor authentication tools are adopted and implemented across all systems. The Grizzly Steppe malware campaign gives us a clear picture of the new and future forms we will face.”

Security threats during the first quarter of 2017

In the first quarter of 2017, McAfee’s Global Threat Intelligence network recorded significant shifts in the growth rates of cyber threats and Internet attacks across many sectors, as follows:

New threats: In the first quarter of 2017, there were 244 new threats every minute, more than four threats per second.

Security incidents: McAfee recorded 301 publicly disclosed security incidents in the first quarter, up 53% from the fourth quarter of 2016. Health, education and the public sector accounted for more than 50% of the total.

Malware: New malware samples rose markedly in the first quarter to 32 million, and the total number of malware samples grew 22% over the last four quarters to reach 670 million known samples. The average number of malware samples has increased over the last four years.

Mobile malware: The number of mobile malware samples in Asia doubled in the first quarter, contributing to a 57% increase in global infection rates. The total number of mobile malware samples has increased by 79% over the last four quarters to 16.7 million. Android/SMSreg, an unwanted program likely to have originated in India, was the biggest contributor to this growth.

Mac malware: Mac malware has increased sharply over the past three quarters, driven by the growing spread of adware. Although its numbers remain low compared with Windows malware, it rose a remarkable 53% in the first quarter.

Ransomware: Ransomware samples also increased significantly during the first quarter, mainly due to the Congur ransomware attacks targeting Android devices. The total number of ransomware samples has increased by 59% over the past four quarters to 9.6 million known samples.

Spam botnets: The operator of the Kelihos botnet was arrested in Spain last April. For many years this botnet was responsible for millions of spam messages carrying malware and ransomware. The US Department of Justice acknowledged the international cooperation against this botnet between the United States and other foreign authorities, the Shadowserver Foundation and several companies within the industry.
