Malware Automates Storing of Data Haul on File-Hosting Site SendSpace

News

Added 7th Feb 2012

Jeremy Kirk

Trend Micro researchers have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval.

Malware authors have used file-hosting and sharing servers for that purpose before, but this is the first time malware has been noticed to do that automatically, wrote Roland Dela Paz, a threat response engineer with Trend Micro.

SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote.

It appears SendSpace's terms of service would prohibit use of the site that way. SendSpace said in response to an email that it was "notified of this several days ago by Trend Micro themselves, and we're working to find a solution for this."

File-storage services offer several advantages for cybercriminals, said Rik Ferguson, director of security research and communication for Trend Micro in Europe.

Although the cybercriminals often use networks of proxy computers to mask how they are communicating with a compromised computer, using a storage service adds another layer, Ferguson said. "It breaks in some ways the chain of evidence," he said.

Also, authorities would be less likely to take down a legitimate file-hosting service than a new server set up by scammers, Ferguson said.

The services are especially useful for so-called Advance Persistent Threat attacks, where cyberspies seek to infiltrate an organization for a long period of time, Ferguson said. There is also a better chance that organizations that are hacked will not regard outbound connections to a file-hosting service as suspicious, making it less likely the connection will be shut down, he said.

"Basically it's criminals taking advantage of public infrastructure to appear less suspicious," Ferguson said.

latest news

Gearing IT for the Rains: What CIOs Need to Know

Here's how CIOs can prepare their organizations for monsoons, when faced by flooded basements, stranded employees, and disrupted services.
Why Microsoft Office for iPad is Inevitable

New reports have surfaced that Microsoft is developing Office apps for iOS and Android. If true, it's a very smart move by Microsoft.
Mobile Workers Work Longer Hours

Almost two-thirds of mobile employees say they are working 50 to 60 hour-plus weeks, with most working weekends too, according to research.
IBM: Only 16% CEOs Using Social Media to Connect with Customers

IBM says a study it did of some 1,700 Chief Executive Officers worldwide found that many indeed - or should be -- grasping social media as a key enabler of collaboration and innovation.

View all news

CIO

Security

articles

BYOD: Making Sense of the Work-Personal Device Blur

A panel of five IT executives gathered on the main stage of the Consumerization of IT in the Enterprise Conference and Expo, or CITE, in San Francisco this week to discuss ways to empower a fast-emerging class of workers.

articles

Remote Workers: Avoiding Double Trouble that Comes with Them

Meeting both security and productivity challenges - as firms sharply increase use of flexible employee basing - is essential.

articles

How to Corral Your Security Consultants : Anonymous

Security consultants aren’t a shrewd breed but if you give them too much freedom—without laying down clear ground rules—your organization will suffer.

articles

Hackers Master Car Theft by Text Message

A recent report by the Associated Press paints a frightening picture: Hackers have learned to unlock a car's doors and start its engine simply by sending text messages to a vehicle's security system.

articles

Cyber Crime’s Frequent Flyers

Cybercrime Unsatisfied with stealing bank account information from their victims, cyber criminals steal frequent flyer miles, too. The miles are used as currency among some of the miscreants, according to a report released by the malware fighters at the Kaspersky Lab.

case studies

BYOD: The Essar Way

Say BYOD, and CIOs cringe. They complain of security, supporting a flood of devices and losing control. But the CIO of Essar Group just proved his peers wrong. Here’s how.
- N. Jayantha PrabhuCTO, Essar Group

case studies

Kuoni Standardizes to Cut Risk

CIO 100 Winner: Dhiren Salva of Kuoni Travels laid plans for an impeccable DR and business continuity plan. He first consolidated business apps, thereby trimming the number of his servers and standardizing platforms. He then balanced his Mumbai and London datacenters so that in a disaster they could accommodate each other.
- Dhiren Savla, CIOKuoni Travel India

case studies

How Business Continuity Implementation Helped Cognizant Stay Ahead

CIO 100 Winner: A company as big and as widespread as the Rs 13,500 crore, 62,000-strong Cognizant Technology Solutions, is more vulnerable to risks - good business continuity and disaster recovery solutions saved the day for them.

- Satish Kumar DasCSO, Cognizant Technology Solutions

case studies

Eveready Boosts Forecast Accuracy with a Simple Mobile App

Eveready struggled to keep a tab on its inventory across 3.3 million retail outlets. Read how a mobile app linked its sales force and distributors to the HQ and helped improve forecast accuracy and fulfill demands on time with lean inventory.
- Arup Choudhury Sr. GM-IT, Eveready Industries

videos

The Art of Building Security

videos

Biometric Security: A Success Story

videos

How to Spot a Liar

videos

Executive View Point: Arthur Coviello, President - RSA, The Security Division of EMC

news

Android Malware Used to Mask Online Fraud, Says Expert

Android malware being automatically distributed from hacked websites looks like it's being used to mask online purchases, and could be part of a fraud gang's new push into mobile, researchers said.

news

Half of All Macs Will Lack Access to Security Updates by Summer

Unless Apple changes its security update practice, nearly half of all Mac users will be adrift without patches sometime this summer.

news

Hacktivists Have The Enterprises' Attention. Now What?

According to a number of recent surveys, Most IT and security professionals see Anonymous as a serious threat to their companies. So what to do about it? Should it change the way organizations secure their systems? Experts say, simply, most enterprises probably should.

news

Microsoft Plans Big May Patch Slate For Next Week

Microsoft said it would ship seven security updates next week, three critical, to patch 23 bugs in Windows, Office and its Silverlight and .Net development platforms.

news

Consumerization Trend Driving IT Shops 'Crazy': Gartner

IT managers who grapple with Bring Your Own Device (BYOD) policies can expect to see an explosion of different smartphones and tablets used by their workers in the next few years.

news

'Hyperspeed Signalling' Could Prevent Cyber Attacks: Researchers

Security engineers at the University of Tulsa have found a way to identify cyber attacks before they reach their target, enabling network administrators to take pre-emptive measures to protect their IT systems.

CIOIN