Thursday, 31 August 2017

On 00:40 by Unknown
Security experts have revealed a new targeted email campaign. Chinese hackers are using fake Game of Thrones leaks, spoilers and videos to trap Game of Thrones fans and spread malware. Security firm Proofpoint first came across an email on 10 August with the subject line “Want to see the Game of Thrones Season 7 leak in advance?”

The malicious emails contain some details of upcoming Game of Thrones episodes, along with a malware-laced Microsoft Word attachment titled “Game of Thrones Preview.docx”.

The spoilers in these emails are fake. Once downloaded and opened, the document executes a malicious PowerShell script that installs a diskless 9002 remote access trojan (RAT). This script has already been used by the state-sponsored Chinese hacker group “Deputy Dog”.

According to Proofpoint researchers, “The 9002 RAT has already been used in attacks attributed to ‘Deputy Dog’, also known as APT 17”.
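A defender-side triage sketch for the chain described above (lure email, Word attachment, PowerShell launched by Word), added here as an example and not taken from Proofpoint or the original post. The record field names and the PowerShell switch pattern are assumptions, and the sample records are constructed.

```python
import re

# Lure indicators quoted in the article (subject line and attachment title).
LURE_SUBJECT = "want to see the game of thrones season 7 leak in advance?"
LURE_ATTACHMENT = "game of thrones preview.docx"
OFFICE_PARENTS = {"winword.exe"}
SCRIPT_CHILDREN = {"powershell.exe"}
# Assumption (not from the article): switches that often accompany hidden or encoded PowerShell runs.
HIDDEN_ARGS = re.compile(r"-(enc\w*|nop\w*|w\w*\s+hidden)\b", re.I)

def norm(text):
    """Collapse whitespace and lowercase so spacing/case tricks do not evade the match."""
    return " ".join(text.split()).lower()

def basename(path):
    return re.split(r"[\\/]", path)[-1].lower()

def email_reasons(msg):
    reasons = []
    if norm(msg["subject"]) == LURE_SUBJECT:
        reasons.append("lure subject")
    if any(norm(a) == LURE_ATTACHMENT for a in msg["attachments"]):
        reasons.append("lure attachment")
    return reasons

def process_severity(evt):
    """Word spawning PowerShell is suspicious on its own; hidden/encoded switches raise it."""
    if basename(evt["parent_image"]) in OFFICE_PARENTS and basename(evt["image"]) in SCRIPT_CHILDREN:
        return "high" if HIDDEN_ARGS.search(evt["command_line"]) else "medium"
    return None

def triage(emails, events):
    """Map user -> findings; 'critical' when lure delivery and Word->PowerShell coincide."""
    out = {}
    for m in emails:
        if email_reasons(m):
            out.setdefault(m["recipient"], {"email": [], "process": None})["email"] = email_reasons(m)
    for e in events:
        sev = process_severity(e)
        f = out.setdefault(e["user"], {"email": [], "process": None}) if sev else None
        if f is not None and f["process"] != "high":  # never downgrade an earlier 'high'
            f["process"] = sev
    for f in out.values():
        f["verdict"] = "critical" if f["email"] and f["process"] else "review"
    return out

# Constructed sample records (not real telemetry).
WORD, PS = r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EMAILS = [{"recipient": "alice", "subject": "Want to see the Game of Thrones Season 7  leak in advance?", "attachments": ["Game of Thrones Preview.docx"]},
          {"recipient": "bob", "subject": "Q3 budget", "attachments": ["budget.xlsx"]}]
EVENTS = [{"user": "alice", "parent_image": WORD, "image": PS, "command_line": "powershell.exe -NoP -W Hidden -Enc PLACEHOLDER"},
          {"user": "carol", "parent_image": WORD, "image": PS, "command_line": "powershell.exe -File report.ps1"},
          {"user": "bob", "parent_image": r"C:\Windows\explorer.exe", "image": PS, "command_line": "powershell.exe"}]
```

Calling `triage(EMAILS, EVENTS)` marks a user as critical only when both the lure email and the Word-to-PowerShell launch are seen; either signal alone is left for review.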

How Game of Thrones Leaks and Spoilers Affect the Fans


Once this script executes, the 9002 RAT gives the hackers data exfiltration capabilities. “Based on quite a lot of common identifiers, it is however possible that recent campaigns were carried out by the same actor that conducted the campaigns in early to mid-2014”, the security researchers said in a blog published on 25th of August.

The 2014 campaign looks a lot like the activity which was previously credited to the ‘Deputy Dog’ (AKA APT17) actor. Furthermore, the ‘Deputy Dog’ actor has been observed using a similar 9002 Trojan, with a changed 4-byte XOR encoding algorithm, in diskless mode.

Proofpoint suspects that the attack was possibly carried out by ‘Deputy Dog’ “due to the similarities in the code, payload, same file names, images as well as the same themes”. They noted that they don’t currently have any convincing evidence that links it to ‘Deputy Dog’. The security officials also said that there are enough likenesses to support a possible connection with them.

Don’t Open Any Game of Thrones Season 7 Leaks and Spoilers Document


However, it is worth noting that Game of Thrones Season 7 episodes 4 and 6 had already leaked before. Proofpoint said in one of its statements: “The use of Game of Thrones leaks and spoilers during last season follows a mutual threat actor technique of developing rumors that are timely and relevant, and play on the human factor. Also, the natural curiosity and desire to click that leads to so many malware infections.”

Past Events of the HBO Hack and Game of Thrones Season 7 leaks and spoilers:

  • Smith claimed that he had stolen 1.5 terabytes of data in the recent HBO hack.
  • Smith is the same person who is known to be the mastermind behind the HBO hack.
  • The hackers have the scripts of unreleased Game of Thrones episodes as well as full-length episodes.
  • The hackers also demanded a ransom in Bitcoin from HBO while threatening to release more data.
  • The hacker group “OurMine” also hacked the social media accounts of HBO and Game of Thrones.
  • Personal details as well as the official email accounts of HBO and Game of Thrones were also hacked.

“However, Proofpoint blocked this attack. The use of such lures, which are embedded with powerful malware like the latest version of the 9002 RAT, can open wide doors into corporate data for the people behind these attacks.”
