diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Trojans using Web 2.0 tricks to communicate

Security researchers have spotted Trojans that are using RSS feeds to communicate instead of their traditional method of “phoning home” to get marching orders from command-and-control centers that security researchers have learned to track down and blacklist.

Yuval Ben-Itzhak, chief technology officer for Finjan, told eWEEK that the security firm recently detected three separate Trojans using blogs of limited popularity to receive orders from botnet herders or to feed stolen information back to identity thieves.

The lure of using legitimate sites such as blogs or social networking sites is that attackers can hide behind the legitimacy of Web 2.0 brands such as Google or Yahoo, Ben-Itzhak said.

“[An attacker] can use legitimate sites, sites no one will block, as a shield, so no one will identify where his [command-and-control] servers are and where he’s located, and [the attacker] can use [Web 2.0 sites] as an intermediator between Trojans and the IP address where he’s collecting data,” he said.

This new type of Trojan—Trojan 2.0, as Finjan is calling it—is in an embryonic stage now, as Finjan has only spotted it in use at blogs of limited visibility. (Ben-Itzhak declined to name the blogs where the new Trojans are operating, lest Finjan give the false impression that blogs or social networking sites are somehow to blame.)

Full Article

Malware, Trojan, Security, Web 2.0, RSS, Feed

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...