Cybercriminals Shifting To Bugat 48
wiredmikey writes "Cybercriminals are changing up their weapons, trying to diversify their attack tools using a platform that is less well known and therefore harder to detect and block. With so much focus on the ZeuS Trojan, recent attacks utilized a variant of 'Bugat,' another Trojan horse that steals information from a compromised computer and sends it to a remote host. Bugat was first discovered in January of this year but, like ZeuS, has seen some different variants. In last week's attack, LinkedIn users received emails alerting them of a 'Contact Request,' and encouraging them to click through to a malicious URL where a java applet fetched and installed the Bugat executable."
Simple solution (Score:5, Insightful)
When is the simple solution going to be applied by users: never trust links in e-mail. If I got an e-mail from LinkedIn telling me about a contact request, I'd ignore any URL in the e-mail. I'd go to LinkedIn itself through the bookmark already in my browser. If it's a real contact request, it'll be sitting in my inbox there waiting for me. I don't need to trust anything in the e-mail. And if there isn't anything waiting in my inbox, then the e-mail was a fake and I shouldn't be trusting anything in it.
It's the same rule as for unsolicited phone calls. If someone calls you up claiming to be from the power company saying you've got an overdue balance and you have to pay up or have power shut off, you do not accept their helpful offer of doing the payment over the phone if you'll just give them your bank-account number to do an e-check. You've no idea whether it's actually the power company calling or just some random con-man. You thank them, hang up, pull out your last bill and get the customer-service number from that. Then you call that number and ask them about the status of your account. And if they say you are, it's now safe enough to do an e-check because (barring someone having usurped the phone company's switches themselves, or having switched physical bills on you) you know you're really talking to the power company.