Recently, Kaspersky researchers noticed a rather unique scheme for distributing malware that exploits SourceForge, a popular website providing software hosting, comparison, and distribution services.
The site hosts numerous software projects, and anyone can upload theirs. One such project, officepackage, on the main website sourceforge. net, appears harmless enough, containing Microsoft Office add-ins copied from a legitimate GitHub project. The project under investigation has been assigned the domain officepackage.sourceforge[.]io, but the page displayed when you go to that domain looks nothing like officepackage on sourceforge. net.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Personalized spam campaign targets Germany
March 20, 2017
A spam campaign Symantec observed in January 2017 targeting people who live in Germany appears to be, once again, using detailed, real personal information to enhance the believability of the messages. Victims who open the message attachments are likely to have their Windows computers infected with malware that steals banking information. First seen in the UK Symantec ...
- Cybercriminals getting as good as nation state spies – report
March 14, 2017
The European energy sector is being targeted by advanced threat actors seeking proprietary information to advance the capabilities of domestic companies, according to FireEye Mandiant. The latest annual report by FireEye’s incident response arm further warns that cyber threat groups are also targeting European industrial control systems for potentially disruptive or destructive operations. The capability of cybercriminals ...
- Fighting cyber crimes in offshore oil and gas industry
March 1, 2017
Cyber crime costs offshore oil and gas companies millions each year in lost business and damaged equipment, a cyber attack on critical infrastructure, such as an oil rig, can result in more than just lost revenue but it can be catastrophic for the environment and have far reaching impacts. However, cyber security on actual installations is ...
- New Global Cybersecurity Report Reveals Misaligned Incentives, Executive Overconfidence Create Advantages for Attacker
March 1, 2017
Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), today released “Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity,” a global report and survey revealing three categories of misaligned incentives: corporate structures versus the free flow of criminal enterprises; strategy versus implementation; and senior executives versus those in implementation ...
- Even bakeries get hit by hackers, top insurer warns ‘ill-equipped’ small businesses
February 27, 2017
Bakers are not immune from the hacking epidemic spreading across Europe, a top insurer has warned. Hiscox boss Bronek Masojada said small businesses faced just as much risk as large ones from cyber crime – but many did not have the resources to combat it. He said that in one case, a German bakery was targeted by ...
- Treason charges against Russian cyber experts linked to seven-year-old accusation
February 26, 2017
Treason charges brought in December against two Russian state security officers and a cyber-security expert in Moscow relate to allegations made by a Russian businessman seven years ago, according to the businessman and a source connected with the investigation. They said the arrests concern allegations that the suspects passed secrets to U.S. firm Verisign and other ...