HackGh Community Forum


Nigerian 419 scam distributing Remote Access Trojan


WhIPL4$h

Manager
Almost all members on HackGH know about the Nigerian 419 scams. These started with traditional mail, later evolved to fax, and currently use emails to scam victims. Nigerian 419 scams are frauds which typically involve promising the victim a significant share of a large sum of money, which the fraudster requires a small up-front payment to obtain. If a victim makes the payment, the fraudster either invents a series of further fees for the victim, or simply disappears. There are many variations on this type of scam, including advance-fee fraud, Fifo's Fraud, Spanish Prisoner Scam, the black money scam, and the Detroit-Buffalo scam. The number "419" refers to the article of the Nigerian Criminal Code dealing with fraud.

However, up until now this scam was used only for scamming and fraud. This is now going to change to a very severe crime. Experts at Palo Alto Networks uncovered a new Nigeria 419 scam scheme which is specifically targeting businesses in a malicious campaign dubbed Silver Spaniel. This is the first time a Nigeria 419 scheme has been used by cyber criminals to distribute remote access trojans (RATs).

A report published by Palo Alto Networks titled “419 Evolution” revealed that scammers are targeting businesses in Taiwan and South Korea with malware purchased on hacker forums. The new campaign called “Silver Spaniel” is explained by them as follows:

“Our team is tracking this activity under the code name Silver Spaniel. These attacks have deployed commodity tools that can be purchased for small fees on underground forums and deployed by any individual with a laptop and an e-mail address. Two specific tools were used in multiple attacks that gave the actors the ability to take control of a system without being detected by antivirus programs. Despite the effectiveness of these tools, some of these actors showed remarkably poor operational security that revealed their infrastructure and real world identities.” They further added that, “This sample is a variant of the NetWire RAT crypted with a tool named DataScrambler to avoid AV detection”.

The experts said that their research into this scam started in May 2014 after some customers of Palo Alto Networks detected a malicious phishing campaign, which used e-mail attachments named “Quatation For Iran May Order.exe”, “Samples Photos Oct Order.exe” and “New Samples Required.exe”.

The Palo Alto experts noted that Silver Spaniel did not build or author any malware; instead, the operators behind the campaign purchased malware from the Tor underground forums where this kind of malware is usually sold.

The experts believe the operators of Silver Spaniel may just be ordinary criminals without the sophisticated know-how because they are relying entirely on social engineering to trick victims into installing malware.

“The tactics, techniques and procedures deployed by Silver Spaniel actors indicate their sophistication level is low compared to that of nation-state sponsored actors and advanced cyber criminals. While many actors use commodity RATs like NetWire, running an operation from a PC and not being careful to avoid exposing one’s actual IP address shows a lack of concern for or knowledge of operational security.”

These findings by the experts at Palo Alto are just a precursor to the larger things to come. The Nigeria 419 scam is used massively in the cyberworld to fool victims, and if every cyber criminal uses a similar trick to deliver malicious payloads to the victims, the day will not be far when high-risk trojans and worms are delivered to the victims.
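The attachments named in the report were all directly executable `.exe` files delivered by e-mail, which a mail gateway can flag before a user ever sees them. The following is an added example, not part of the original post or the Palo Alto report: it parses a message and flags attachments by extension and by PE magic bytes. The extension list, the helper names and the sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions Windows runs directly. Assumed list for this example,
# not taken from the report.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def risky_attachments(raw_bytes):
    """Return [(filename, [reasons])] for attachments that look executable."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        reasons = []
        # Use the final extension only, so "order.pdf.exe" is still caught.
        dot = name.rfind(".")
        ext = name[dot:].lower().strip() if dot != -1 else ""
        if ext in EXECUTABLE_EXTS:
            reasons.append("executable extension " + ext)
        # A Windows PE file starts with "MZ" whatever the file is called,
        # so a renamed executable is flagged as well.
        if payload[:2] == b"MZ":
            reasons.append("PE header (MZ)")
        if reasons:
            findings.append((name, reasons))
    return findings


def build_sample(filename, content):
    """Build a constructed test message carrying one attachment."""
    m = EmailMessage()
    m["From"] = "sales@example.com"
    m["To"] = "purchasing@example.org"
    m["Subject"] = "New order"
    m.set_content("Please see the attached quotation.")
    m.add_attachment(content, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    # Constructed sample: lure filename from the report, dummy 4-byte body.
    sample = build_sample("Quatation For Iran May Order.exe", b"MZ\x90\x00")
    for name, reasons in risky_attachments(sample):
        print(name, "->", ", ".join(reasons))
```

Checking the content bytes as well as the name matters because the filename is entirely under the sender's control.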
