Hackers hiding malware behind Captcha

Hackers are hiding malware behind a Captcha to evade secure email gateways. The technique also helps attackers establish the authenticity of the email.

Hackers use various social engineering methods to trick users into trusting them.

A new email campaign, sent from an email ID at @avis.ne.jp, alerts recipients that they have received a voice message. A preview of the voice message is attached to tempt users into listening to the full message.

The email contains a play button that directs users to a page containing a Captcha. This step is meant to bypass automated analysis tools and secure email gateways.

The malicious page then asks users to select a Microsoft account to log in with. When the victim logs in, all their credentials are captured.

“Both pages are legitimate Microsoft top-level domains, so when checking these against domain reputation databases we receive a false negative and the pages come back as safe,” reads the Cofense report.

Before clicking on any link in an email, users should check whether the website is safe.


Aeronautical agency’s email account hacked

The official email account of the Aeronautical Development Agency (ADA) was recently hacked and data manipulated, allegedly by a private aerospace engineering company.

The hackers breached the TAN login and even changed a mobile number linked to the account, and unauthorised online corrections were made to manipulate the tax returns of a private aerospace engineering company in Bengaluru.

Rangarajan S (58), a senior executive with the ADA, filed a complaint with the cybercrime police of the Criminal Investigation Department (CID) seeking legal action against unknown hackers on June 4. Based on the complaint, the police registered a case under various sections of the Information Technology Act and are probing.

In his complaint, Rangarajan said the hackers not only accessed details of financial transactions, but also made changes in the TDS for 2017-18. In addition, the hackers allegedly changed the password, email ID and mobile IDs, and updated the PAN details of the company they belonged to. The police said the fraud might have occurred between March and May this year and came to light recently during the verification of official accounts.

“On March 31, an amount of Re 1 has been remitted to ADA’s TAN number. Also, some unknown person has filed 27EQ return of 4th quarter FY 2018-19 offline on May 7 (possibly at TIN-FC centre). ADA’s TDS Reconciliation and Correction Enabling Systems user ID and login password have been accessed unauthorisedly on May 14.”

Confirming the account’s hacking, senior ADA officials said that though there has been a breach in the account, there is no security concern. “This is not a serious issue as the account was in the open domain. No data pertaining to the agency has been compromised,” an officer said.

The cybercrime police are trying to ascertain the motive behind the hacking.

Microsoft’s email services hacked

Microsoft has confirmed a data breach by unknown hackers who might have been successful in accessing a “limited” number of Microsoft customers’ email accounts.

According to the company, hackers breached the Microsoft network between January 1 and March 28 and compromised a Microsoft support agent’s credentials.

Microsoft sent an email notification to all its customers stating, “This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments.”

The company confirmed to TechCrunch that accounts of users of services like @msn.com and @hotmail.com had been compromised in the recent breach, but the exact number of victims is not known.

“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” said a Microsoft spokesperson in an email.

Microsoft is urging all its affected users to change their passwords immediately.