Russian hackers use Twitter, Photos to reach US computers: Report

30 Jul 2015 | Author: | No comments yet »

Russian Hackers Used Twitter To Target US Government: Report.

SAN FRANCISCO: Russian government-backed hackers who penetrated high-profile US government and defence industry computers this year used a method combining Twitter with data hidden in seemingly benign photographs, according to experts studying the campaign.Russian hackers have figured out a way to use Twitter to communicate with malware that’s infected target computers, allowing them to cover their tracks while making their way into confidential government computer systems. In a public report, researchers at security company FireEye Inc said the group used the unusual tandem as a means of communicating with previously infected computers. The hackers upload special images to the social media site that stealthily transmit directions to installed malware that can then steal files or other unwanted actions, reported the Financial Times.

The technique, uncovered during a FireEye investigation at an unnamed victim organisation, shows how government-backed hackers can shift tactics on the fly after they are discovered. “It’s striking how many layers of obfuscation that the group adopts,” said FireEye Strategic Analysis Manager Jennifer Weedon. “These groups are innovating and becoming more creative.” The machines were given an algorithm for checking a different Twitter account every day. The cybersecurity firm FireEye FEYE 4.05% released a report on the trick and labeled it “Hammertoss.” The attack method was “designed so that defenders can neither detect nor characterize its activity,” wrote FireEye, which says there’s a “high” chance that Russian hackers are behind Hammertoss. “The weaponization of social media is a growing threat,” Stuart Poole-Robb, chief executive of the business intelligence group KCS, told the FT. “It’s an easy way of passing information to malware that’s hard to detect.” The computer would go to the website and look for a photo of at least the size indicated by the number, while the letters were part of a key for decoding the instructions in a message hidden within the data used to display the picture on the website. Vikram Thakur, a senior manager at Symantec Corp, said his team had also found Twitter controls combined with hidden data in photos, a technique known as steganography.

In April, it said another Russian-government supported group, APT28, had used a previously unknown flaws in Adobe Systems Inc.’s Flash software to infect high-value targets. Thakur said another tool in that kit is CozyDuke, which Russian firm Kaspersky Lab says is associated with recent breaches at the State Department and the White House. – Reuters

Here you can write a commentary on the recording "Russian hackers use Twitter, Photos to reach US computers: Report".

* Required fields
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site