SECURITY DOOM-SPEAKER Symantec has warned SMBs in the UK, US and India that they are likely to be tickled by a money-grabbing remote access trojan using backdoor bastards.
Two families of remote access trojans known as Backdoor.Breut and Trojan.Nancrat are causing problems for a range of businesses, according to a Symantec blog post.
The method is a hoary one. Spiked phishing emails are sent to employees, some of whom click a link or some other action point, and before you know it hackers have flooded the network and made a right mug of your security protection.
"The attackers operate with few resources, and rely on social engineering rather than exploits. However, despite these limitations, the attackers can gain a huge amount of control of victim computers thanks to the malware's multi-purpose capabilities," said the post.
"The campaigns have been occurring since at least early 2015. For most of the year, the targets were mainly located in India, while some others were in the US and other regions. However, activity in India and the US has dropped in the past few months while the number of infections in the UK has increased."
The hackers are not fussy and just knock on doors to see whether they can get in. If they do not succeed, they just move on. But once the malware is installed they have the ability to strip away cash and that kind of thing.
"The emails include archive file attachments, usually with .zip extensions. If the target opens the file their computer is infected with Backdoor.Breut or Trojan.Nancrat. Both of these threats give the attackers complete control of the computer," said Symantec.
"Through these infections, the attackers can access the webcam and microphone, log keystrokes, steal files and passwords and more.
"Once a computer is compromised, the attackers spend time assessing it to find out how to steal the money. In some cases, attackers have been known to download manuals to figure out how to use certain financial software."
The cheeky hackers are thought to be a small group based in central Europe.
Symantec offered the standard warning: "Do not open attachments or click on links in suspicious email messages." It is possible that the firm offers some solutions of its own. µ