Forum latest

  • Happy Birthday Daniel ~!
    Allan, how very cool to hear from you! I hope that it goes well for you and your fami...
  • Happy Birthday Daniel ~!
    Does "Happy belated birthday wishes" even cover this by now? :-) Not sure it does! S...
  • It's true..
    Watched "Now You See Me 2" last night. Been a while since the first one, so I'm not a...
Cyber-Jihad Group Could Be Behind Worm Clogging Email Servers Worldwide, Researcher Says
Security
Written by Daniel   
Friday, 10 September 2010 18:32

From Dark Reading


Name of hacker known for Web defacements, recruiting cyberjihadists to infiltrate military found in code

A new old-school email worm spotted spreading rapidly yesterday and choking email servers worldwide could be the handiwork of a hacker group known for waging cyber-jihad, a security researcher said today.

 



Joe Stewart, director of malware research for the counter threat unit at Secureworks, says the Brigades of Tariq ibn Ziyad, a self-proclaimed "cyber-jihad" organization, may have set off the worm that crippled email servers in major organizations over the past day in some cases using the subject line "Here you have," reminiscent of 2001 Anna Kournikova virus. Stewart discovered a username of "Iraq_resistance" embedded in the binary of the malware that was similar to one sent out in August.

"If you go searching for that hacker, that username goes with" him, Stewart says. "He's done some minor defacing in the past ... In 2008, we heard from this guy that [they] wanted to get other hackers to join the Brigades of Tariq ibn Ziyad and wage cyber-jihad, the targets being the U.S. Army and institutions thereof."

Stewart says he can't be 100 percent sure that the malware is tied to this group, but there are several obvious connections besides the username in the binary code, including the fact that the backdoor downloads a Trojan that's set to connect to a server of a similar name of the organization, and that the password-stealing tool downloads used in the attack are all written with Arabic-language documentation. "It could be someone pretending to be those guys" in the organization, Stewart notes.

[More...] [Comments...]

 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either