SEATTLE – Rivalries in the hacking world can be interesting. Two names have surfaced on Pastebin, the site where stolen documents and other evidence of hacking capers often surface, posted by someone using the handle “ThisIsGameOver.”
According to Dodi Glenn, researcher at ThreatTrack Security, the posting includes information on two individuals that ThisIsGameOver believes to be behind the Syrian Electronic Army, the hacking group that claimed credit last week for the hack of recommendation site Outbrain, which enabled the group to crack into three of Outbrain’s marquee partners: the Washington Post, Time and CNN.
In that hack, the SEA used the least technical, most successful form of initial hacking: spear phishing. An Outbrain employee fell for an e-mail pitch to click on a viral web link. The hackers were then able to get log-ons for the employee’s work-related accounts, and were thus able to extend the hack to Outbrain’s partners.
“Any company can fall victim to social engineering,” says Dodi Glenn, researcher at ThreatTrack Security. “Organizations need to train employees on how to spot these attacks, so that they don’t provide user credentials.”
Another heavily used method of infecting computers on a mass scale involves so-called exploit kits, two widely available ones being “RedKit” and a family of tools referred to as “Blackhole” kits. RedKit and Blackhole kits have emerged as a cybercriminal’s indispensable Swiss Army knife. They automate the process of embedding auto-loading infections, known as “drive-by downloads,” on popular, high-traffic websites.
Security experts estimate that hundreds of millions of home, work and website-serving computers are already infected and used by bad guys to spread spam scams, steal from online financial accounts and launch denial-of-service attacks to shut down targeted websites.
“We have seen organizations such as the Cyber Fighters of Izz ad-Din al-Qassam use denial of service tactics to disrupt banking activities. More often than not, these DDoS attacks are done by botnets,” says Glenn. “The botnets were more than likely created by using an exploit kit. Since they may not be able to actually gain access to the banks’ servers, they can still disrupt normal business by taking down servers by saturating their networks with requests.”