Operation Mangal: Targeted Attacks Against Indian Organizations

How the attack works

The first RTF exploit was found by McAfee researchers on August 21. Subsequently, we saw multiple variants of the same exploit through October. The contents of the decoy documents are politically themed, targeted at several local and overseas Indian establishments.

The attack arrives as an attachment to spear phishing emails targeting Indian organizations. At launch, the exploit drops dw20.exe in the %temp% directory, opens the attacker’s specially crafted decoy documents, and drops gupdate.exe in the same location. The last file connects to multiple control servers in a staged fashion.

For more info: http://blogs.mcafee.com/mcafee-labs/operation-mangal-win32syndicasec-used-targeted-attacks-indian-organizations
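A detection sketch for the drop behaviour described above, added here as an example and not taken from the McAfee write-up: it flags process-creation events in which dw20.exe or gupdate.exe runs directly from a temp directory, and raises the severity when both appear in the same directory on one host. The event field names, host names, paths and temp-directory expansions are assumptions constructed for illustration.

```python
import ntpath
from collections import defaultdict

# File names the write-up says the exploit drops in %temp%.
DROPPED_NAMES = {"dw20.exe", "gupdate.exe"}
# Assumed common expansions of %temp% (per-user and system), lower-cased.
TEMP_MARKERS = ("\\appdata\\local\\temp", "\\local settings\\temp", "\\windows\\temp")

# Constructed process-creation events (field names modelled on Sysmon Event ID 1).
SAMPLE_EVENTS = [
    {"host": "WS-014", "Image": r"C:\Users\asha\AppData\Local\Temp\dw20.exe"},
    {"host": "WS-014", "Image": r"C:\Users\asha\AppData\Local\Temp\gupdate.exe"},
    # Same file name outside a temp directory: must not be flagged.
    {"host": "WS-022", "Image": r"C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE"},
    {"host": "WS-031", "Image": r"C:\Windows\Temp\gupdate.exe"},
]

def in_temp(path):
    """True when the executable sits directly in a temp directory."""
    directory = ntpath.dirname(ntpath.normpath(path)).lower()
    return any(directory.endswith(marker) for marker in TEMP_MARKERS)

def triage(events):
    """Return {(host, temp_dir): severity} for dropped names run from %temp%."""
    seen = defaultdict(set)
    for ev in events:
        image = ntpath.normpath(ev["Image"])
        name = ntpath.basename(image).lower()
        if name in DROPPED_NAMES and in_temp(image):
            seen[(ev["host"], ntpath.dirname(image).lower())].add(name)
    # Both files in one temp directory matches the described drop sequence.
    return {key: ("high" if names == DROPPED_NAMES else "medium")
            for key, names in seen.items()}

if __name__ == "__main__":
    for (host, directory), severity in triage(SAMPLE_EVENTS).items():
        print(f"{severity:6} {host} {directory}")
```

A single name match is kept at medium because the file name alone is weak evidence; the path and the pairing carry the signal.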


Uber’s Android app is Literally Malware?


The popular ride-sharing service Uber has been hit by various controversies lately, but now things have gone even worse for the company: a security researcher made a worrying discovery this week and claims, “Uber’s app is literally malware.”
The ride-hailing company is in disputes over its handling of the privacy of its customers’ data. Phoenix-based security researcher Joe Giron found that a surprising amount of users’ data is being collected by the company’s mobile application for Android.
The researcher, who runs a cyber security firm in Arizona, reverse-engineered the code of Uber’s Android application and came to the conclusion that it is malware. He discovered that the app “calls home” and sends data back to the company.
And why the hell does the Uber app want to access all the SMS, call logs, camera, Wi-Fi connection and Wi-Fi neighbours?
Source: http://www.gironsec.com

Sony Pictures HACKED; Studio-Staff Computers Seized by Hackers


It was a bad day for Sony yesterday!! Sony appears to have been hacked once again, but this time the target is not its PlayStation; instead it is Sony Pictures Entertainment – the company’s motion picture, television production and distribution unit.
According to multiple reports, the corporate computers of Sony Pictures employees in New York and around the world were infiltrated by a hacker, displaying a weird skeleton, a series of URL addresses, and a threatening message that reads:
Source: THN

Egyptian Cyber Army: The hacker group attacking ISIS propaganda online


There’s a new hacking group in cyberspace, and it’s going after the Islamic State’s online propaganda.

Last week, less than 24 hours after ISIS social media accounts posted a threatening message from the group’s leader, the audio recording was replaced with a song and its transcript with a logo resembling that of the Egyptian military, accompanied by writing in Arabic that read “Egyptian Cyber Army.”

The Egyptian Cyber Army is clearly inspired by the infamous Syrian hacktivist group, but a spokesperson told Mashable that the group’s members are all Egyptians — some civilians, some with a military or police background — all sympathizers of the Egyptian government led by former Commander-in-Chief Abdel Fattah el-Sisi.