
Fake Security Certificate Messages Deliver Mokes and Buerak Trojans

Computer hackers are using a novel phishing technique to deliver dangerous malware to target computers.

The hackers create special sites and send out email messages designed to match them. They are quite possibly very experienced, as they have copied the design of typical error messages.




Security Certificates Global Phishing Campaign Used To Leverage Trojans

A new phishing tactic delivering various Trojan payloads has been detected by security researchers. There is no information available about the identity of the group; we anticipate that they are experienced enough to have created this new strategy. The hackers are creating special phishing messages and sites that imitate common browser errors and operating-system-like notifications. This means that the sites will be hosted on domain names that sound very similar to the services and companies which are shown.

Here’s an example of a browser error related to a security certificate:

Links to the sites and the emails can be distributed through different mechanisms. These include landing pages hosted on domain names that sound very similar to those of the impersonated companies. The links can also be posted in different online communities: online forums, chatrooms, social networks, etc.

When the victims open such a page, an error notification is shown which prompts them to “update” the definitions. This is an intentional placement: the content is placed in an iframe which loads JavaScript code hosted on a third-party site. This means that the infection is loaded from another domain while the users see no address change. If the victims interact with the shown page, malware will be downloaded onto their computer. At this moment there are two particular threats delivered via this mechanism: the Mokes Mac Trojan for macOS and the Buerak Trojan for Windows.
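For site owners and analysts reviewing a saved copy of a page, the check below lists every iframe and script whose source resolves to a host other than the page's own, which is the loading pattern described above. It is an added example, not code from the researchers or the original article; the sample page, its hosts and the "overlay" styling heuristic are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class ExternalLoadFinder(HTMLParser):
    """Collect iframe/script sources served from a host other than the page's."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "script"):
            return
        attr = dict(attrs)
        src = attr.get("src")
        if not src:
            return
        target = urljoin(self.page_url, src)  # resolves relative and // URLs
        host = urlsplit(target).hostname
        if host and host != self.page_host:
            style = (attr.get("style") or "").replace(" ", "").lower()
            # Assumed heuristic: a frame sized to the whole viewport can
            # replace what the visitor sees while the address bar stays put.
            overlay = tag == "iframe" and "width:100%" in style and "height:100%" in style
            self.findings.append({"tag": tag, "host": host, "overlay": overlay})


def find_external_loads(page_url, html):
    finder = ExternalLoadFinder(page_url)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page; all hosts are placeholders under reserved TLDs.
SAMPLE_URL = "https://news.example/article"
SAMPLE_HTML = """
<html><body>
<script src="/static/site.js"></script>
<p>Article text</p>
<iframe src="//notice.invalid/cert.html"
        style="position:fixed; top:0; left:0; width:100%; height:100%"></iframe>
<script src="https://cdn.invalid/update.js"></script>
</body></html>
"""

if __name__ == "__main__":
    for finding in find_external_loads(SAMPLE_URL, SAMPLE_HTML):
        print(finding)
```

Legitimate pages also embed third-party frames and scripts, so the output is a review list to compare against the hosts a site is expected to load from, not a verdict.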

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
