martes, 22 septiembre 2020
Visitas totales a la web: 86043591

El portal de los profesionales de seguridad y emergencias

Nº 1 del mundo en español en seguridad global

Soluciones de seguridad global

The most popular brand websites that hackers use for typosquatting campaigns

Shannon Vavra

The most imitated websites that credential-stealing, financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and Microsoft, according to new Palo Alto Networks research published Tuesday.

Some of the other top brands that hackers have mimicked with typosquatting, a technique that relies on victims glancing over typos in website names that appear similar to other popular legitimate sites, also include PayPal, Apple, Royal Bank of Canada, LinkedIn, Google, Apple’s iCloud, Bank of America, Dropbox, Amazon, and Instagram, according to the research, which examines data collected in December 2019.

The hackers have been using these malicious domains to distribute malware, reward scams, run phishing campaigns and technical support scams, Palo Alto Networks’ Unit 42 researchers said in a blog post. Of nearly 13,857 squatting domains registered in December, 18.59% are malicious, “often distributing malware or conducting phishing attacks.”

Typosquatting has long been a favorite tactic for attackers looking to steal sensitive information and credentials, in part because it doesn’t cost much to initiate. Unit 42 researchers show that criminals are interested in social media, financial, shopping, and banking websites, where consumers might be profitable targets.

For instance, Unit 42 detected one campaign that imitated Wells Fargo with a scam domain — secure-wellsfargo[.]org — which presented victims with a copy of Wells Fargo’s site, but which is capable of stealing user’s ATM PINs and email credentials.

One malicious domain Unit 42 researchers caught — samsungeblyaiphone[.]com — would distribute Azorult, malware that steals credential and payment card information. This campaign could also target victims with subsequent downloads of other malware. Hackers have been using other malicious fake domains, including walrmart44[.]com, to target users with a pop-up message falsely warning users their Adobe Flash player needs an update. If users fall for the trick, they’ll be targeted with “potentially unwanted programs,” such as spyware, according to Unit 42.

The researchers found Cloudflare was the most frequent certificate authority typosquatting sites abused in December of 2019, likely because Cloudflare offers web hosting and free SSL encryption in a bundle. A close second choice for attackers was cPanel’s certification authority.

And although malicious typosquatting domain schemes, are fairly common, many security vendors aren’t adequately prepared to protect against them, the researchers note.

“The best-performing vendor covers about 25% of the malicious or high-risk squatting domains that we detected. Meanwhile, other vendors cover less than 20% of our detections,” the researchers write. “Lastly, we found that 55% of malicious or high-risk squatting domains are not detected by any vendors.”

In recent days hackers have taken to typosquatting to mimic websites related to the 2020 presidential election, according to a Department of Homeland Security bulletin, suggesting hackers are interested in using typosquatting for political or influence motivations.

This year, the U.S. intelligence community has assessed that Iran, Russia, and China are interested in influencing the 2020 presidential election, according to the Office of Director of National Intelligence.

It was unclear who was taking advantage of each of the malicious domains, but hackers linked with the Iranian, Chinese, and Russian governments have all previously used typosquatting in espionage campaigns, according to security researchers. It was unclear if the typosquatting Unit 42 researchers identified were being used with influence goals in mind.

Fecha de publicaciónseptiembre 01, 2020

BELT.ES no se hace responsable de las opiniones de los artículos reproducidos en nuestra Revista de Prensa, ni hace necesariamente suyas las opiniones y criterios expresados. La difusión de la información reproducida se realiza sin fines comerciales. 

Listado de Expertos

Recomendado

Profesión militar: Obediencia debida frente a la obligación de disentir

Con ocasión de la realización de estudios en el Instituto Universitario Gutiérrez Mellado tuve la ocasión de leer y analizar una serie de documentos de opinión que trataban en profundidad las diferentes facetas presentes en el campo de las relaciones cívico-militares; temas que , habitualmente, no han estado presentes en los diferentes cursos y actividades formativas en la enseñanza militar, ni, por supuesto, en la civil.

El paracaidista español que humilló a los «temibles» espías soviéticos

Joaquín Madolell, natural de Melilla y militar del Ejército del Aire, desarticuló la mayor red del espionaje...

UME, para servir

Uno se pregunta, al ver las estadísticas de bajas, por qué no funcionarán los gobernantes con la misma prontitud y eficacia que los militares. Circula un video en el que un general, a pesar de la mascarilla, explica claramente el funcionamiento de las Unidades militares; una perfecta organización en la que un estado mayor planea y dirige las operaciones en curso, mientras otro va programando las operaciones futuras. Todo un engranaje funcionando con eficacia, en silencio y sin alardes, donde cada elemento sabe lo que tiene que hacer y cómo hacerlo, sacando el máximo rendimiento de sus escasos medios, y a pesar de lo imprevisto y desconocido de un enemigo que dio la cara cuando ya estaba dentro.

Últimas noticias

El contraataque de Álvarez-Pallete

La retirada de César Alierta como máximo responsable de Telefónica en 2016 abrió las puertas de la Presidencia a su delfín...

¿Y AHORA QUÉ?

En España, nuestra Nación, para algunos simplemente país o IBEX35, todo está dicho en el Congreso, en la prensa y en las redes sociales....

Mozambique army surrounds port held by Isis-linked insurgents

Militants seized the Mocímboa da Praia site, which is near gas projects worth £45bn, last week Government troops are...

Strategic Security: Forward Thinking for Successful Executives

An engaging study of management from a security industry perspective, Strategic Security: Forward Thinking for Successful Executives unfolds like an academic program on strategic...

El desconocido error histórico de «Salvar al Soldado Ryan» con el Día D y el capitán Miller

Francis L. Sampson no era un maestro de escuela, sino un capellán militar de la 101ª División Aerotransportada Existen...