A new spear phishing scam has been unleashed on government agencies, using the recent PRISM scandal to try and lure victims in. The emails claim to have documents about the program and provide them as two pdfs and a .jar file. While the pdfs are harmless, the .jar file is a remote administration tool that lets the cybercriminals behind it take control of any computer. It infects. Since the attack is aimed at government agencies that means the hackers can potentially access all kinds of confidential, classified and sensitive data.
“The RAT can target not only Windows, but also Linux, Mac OS X, FreeBSD, OpenBSD, and Solaris (although we have not verified or observed the threat working on all of these operating systems),” the researchers pointed out, adding that “the threat has a builder tool that allows you to build your own customized versions of the RAT. The attack has been simplified as it does not involve the use of an exploit, nor an executable shellcode/payload, but simply relies on a Java applet. In fact, not only has the attack been simplified, but it has also become more stable and more virulent, it is a big upgrade!”
Sorry Apple fans, but that means even computers running OS X can be infected by this malware. Apple isn’t the virus free oasis it once was. Now that Apple computers are as popular as PCs, hackers have begun setting their sites on them. There was never anything particularly special about them that made them virus free except for their unpopularity. Hackers saw no reason to put the effort into infecting an OS only a minority used. These days, that’s changed. We are now entering a time when no OS, desktop or mobile, will be safe from malicious spam attacks. Fasten your seat belts because spear phishing and malicious spam attacks are only going to get worse.