A recent post from Security Affairs writer Pierluigi Paganini reports that a Romanian duo have been convicted of infecting approximately 400,000 computers, most of which were in the United States. The hackers used a type of malware that is designed to steal user credentials, financial data and personal information. The stolen information was then offered up for sale on the Dark Web. How did the pair actually infect 400,000 computers?
Phishing. It is reported that the two were able to spread the malware by sending fake emails designed to look like they were coming from legitimate businesses. Users who thought they were receiving an email from their bank, from a government body such as the IRS, or even from Norton, a commonly used antivirus product, would click the links within the email and download the malware that was attached. Once installed, the malware was free to act on the infected system, capturing credentials when users logged in to websites such as Facebook, PayPal and eBay. Instead of going to the legitimate website, users were redirected to a nearly identical site created by the criminals.
Through the hard work of the FBI and cooperation with the Romanian National Police, the hackers were caught. The pair have been found guilty of their crimes and are set to be sentenced in August.
This is just a friendly reminder that phishing training and security awareness training are imperative for your employees.
To read the Department of Justice’s press release on this matter click here.