
Sunday, March 31, 2013

Hacker uses Evernote account as Command-and-Control Server

Cyber criminals are using the popular note-taking app Evernote as a command-and-control server to issue commands to botnet malware installed on infected PCs.

Trend Micro uncovered malware, detected as “BKDR_VERNOT.A”, that tried to communicate with its command-and-control server using Evernote.
The malware is delivered via an executable file that installs it as a dynamic-link library (DLL). The installer then ties the DLL into a legitimate running process, hiding it from casual detection. Once installed, BKDR_VERNOT.A can perform several backdoor commands such as downloading, executing, and renaming files. It then gathers information from the infected system, including details about its OS, timezone, user name, computer name, registered owner and organization.
Researchers also pointed out that the backdoor may have used Evernote as a location to upload stolen data. "Unfortunately, during our testing, it was not able to login using the credentials embedded in the malware. This is possibly a security measure imposed by Evernote following its recent hacking issue."

"Though this is a clever maneuver to avoid detection, this is not the first time that a legitimate service like Evernote was used as a method of evasion."

Like Evernote, services such as Google Docs, Twitter and others have been misused in the past.
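
One way a defender can look for this pattern, as an added example that is not from the original post or from Trend Micro: because the backdoor's DLL runs inside some other legitimate process, traffic to Evernote from a process that is not an expected Evernote client stands out. The log format, process names and allowlist below are assumptions, and the sample rows are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample of endpoint network telemetry; the column layout is an assumption.
# explorer.exe is only a stand-in for "a legitimate running process" hosting the DLL.
SAMPLE_LOG = """host,process,dest_host,bytes_out
ws-014,evernote.exe,www.evernote.com,18230
ws-014,chrome.exe,www.evernote.com,5120
ws-022,explorer.exe,www.evernote.com,940
ws-022,explorer.exe,www.evernote.com,1210
ws-031,svchost.exe,update.example.net,300
ws-040,firefox.exe,evernote.com.example.org,800
"""

# Assumption: the only programs expected to talk to the service in this environment.
EXPECTED_CLIENTS = {"evernote.exe", "chrome.exe", "firefox.exe", "iexplore.exe"}
WATCHED_DOMAIN = "evernote.com"


def is_watched(dest_host, domain=WATCHED_DOMAIN):
    """True for the domain itself or a real subdomain, not look-alike names."""
    dest = dest_host.strip().lower().rstrip(".")
    return dest == domain or dest.endswith("." + domain)


def unexpected_clients(log_text, expected=EXPECTED_CLIENTS):
    """Return {(host, process): {"connections": n, "bytes_out": total}} for
    processes outside the expected set that contacted the watched domain."""
    findings = defaultdict(lambda: {"connections": 0, "bytes_out": 0})
    for row in csv.DictReader(io.StringIO(log_text)):
        if not is_watched(row["dest_host"]):
            continue
        process = row["process"].strip().lower()
        if process in expected:
            continue  # normal client or browser traffic to the service
        entry = findings[(row["host"], process)]
        entry["connections"] += 1
        entry["bytes_out"] += int(row["bytes_out"])
    return dict(findings)


if __name__ == "__main__":
    for (host, process), stats in unexpected_clients(SAMPLE_LOG).items():
        print(f"{host}: {process} contacted {WATCHED_DOMAIN} "
              f"{stats['connections']} times, {stats['bytes_out']} bytes out")
```

A hit here is a lead for triage, not a verdict: code injected into a browser would pass this allowlist, so it complements host-based detection rather than replacing it.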
