
Rovnix Trojan Campaign Targets Users in the UK

Security experts at Bitdefender warn of a new wave of Rovnix Trojan infections targeting confidential information. Over 130,000 computers have been compromised in the UK so far.

Analysts label this campaign as one of the most successful in the past few months. The crooks have also been quite precise, as about 87% of the targeted machines are located in the UK. Between 0.05% and 4% of the attacks have hit countries like Germany, the US, Italy and Iran.

According to Bitdefender experts, the ongoing campaign is proof that the Rovnix botnet is still growing bigger and stronger. The fact that the cyber criminals have chosen encrypted communications in this campaign is considered a sign that this particular threat is still being developed. More attacks are expected in the coming months.

By analyzing the botnet's DGA (domain generation algorithm), the experts found that five to ten domains are generated per quarter, or twenty to forty per year. The process uses word lists extracted from publicly available text files such as RFC (Request for Comments) pages and the GNU Lesser General Public License. Although the campaign mainly targets computers in the UK, the US Declaration of Independence is used as a reference when C&C domain names are generated.
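A defender can turn the word-list observation above into a DNS log check. The following is an added example, not Bitdefender's analysis code: it assumes the generated labels are plain concatenations of words from the reference text, and the length thresholds, function names and sample domains are constructed for illustration.

```python
import re

# Opening words of the US Declaration of Independence (public-domain text),
# embedded so the example runs offline. A real check would load the full text.
REFERENCE_TEXT = (
    "When in the Course of human events, it becomes necessary for one people "
    "to dissolve the political bands which have connected them with another"
)
MIN_WORD_LEN = 4  # assumption: short words match almost any label, so skip them
MIN_WORDS = 2     # assumption: a generated label joins at least two words


def build_wordlist(text, min_len=MIN_WORD_LEN):
    """Return the lower-cased set of words in the reference text."""
    return {w for w in re.findall(r"[a-z]+", text.lower()) if len(w) >= min_len}


def segment(label, words):
    """Split label into reference words that cover it entirely, else None."""
    # best[i] holds one segmentation of label[:i], or None if none exists.
    best = [None] * (len(label) + 1)
    best[0] = []
    for end in range(1, len(label) + 1):
        for start in range(end):
            if best[start] is not None and label[start:end] in words:
                best[end] = best[start] + [label[start:end]]
                break
    return best[len(label)]


def is_wordlist_domain(domain, words, min_words=MIN_WORDS):
    """True if any label below the TLD is built only from reference words."""
    labels = domain.lower().rstrip(".").split(".")[:-1]
    for label in labels:
        parts = segment(label, words)
        if parts is not None and len(parts) >= min_words:
            return True
    return False


def flag_queries(queries, words):
    """Return the queried names worth a closer look, in input order."""
    return [q for q in queries if is_wordlist_domain(q, words)]


if __name__ == "__main__":
    # Constructed DNS query names using reserved TLDs, not real indicators.
    sample = ["humaneventsdissolve.example", "www.bitdefender.com",
              "politicalbands.test", "people.example"]
    print(flag_queries(sample, build_wordlist(REFERENCE_TEXT)))
```

Ordinary brand names built from two dictionary words will also match, so hits are leads for triage rather than verdicts.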

The researchers discovered that, unlike the first attacks, where data was exfiltrated from the compromised machine to the C&C server in unencrypted form, the new campaign uses encryption in order to avoid detection by security products.

Bitdefender specialists' recommendations:

  • Keep your operating system updated.
  • Make sure that your antivirus program is up-to-date too.
  • Beware of scams that require the execution of unknown code or applications.
Berta Bilbao

Berta is a dedicated malware researcher, dreaming of a more secure cyberspace. Her fascination with IT security began a few years ago, when malware locked her out of her own computer.
