Password-stealing malware targets Microsoft Outlook

MM

Melisande Mual

07 Oct 2015 / 5 Min Read

Researchers from security firm Cybereason claim that the advanced persistent threat (APT) can enable patient attackers to steal an organisations email passwords over time.

The attack was found by the company when it investigated the email server of an organisation whose security team had spotted behavioural abnormalities.

The hackers installed a back-doored malicious program which was used as part of the authentication mechanism, and was responsible for authenticating users against the Active Directory (A/D) server used in the environment

This enabled the hackers to get all requests in cleartext after SSL/TLS decryption. However, one of the mistakes made by the attackers was to use the weak and outdated DES encryption algorithm in order to store information in a log file. This enabled the investigators to uncover what the attackers were looking for - namely, all the organisations e-mail passwords.

Countries:
MM

Melisande Mual

07 Oct 2015 / 5 Min Read

sign up banner
the paypers logo

The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.

 

The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.

 



No part of this site can be reproduced without explicit permission of The Paypers (v2.7).

Privacy Policy / Cookie Statement

Copyright