How a scanner infected corporate systems and stole data: Beware Trojan peripherals

Kurt Marko writes: A new form of highly targeted cyber attack patently demonstrates the shift in malware sophistication and motivation. Annoying hacker pranks done for fun and sport have been supplanted by sophisticated, multi-stage software systems designed for espionage and profit. The new attack, discovered by TrapX, a developer of security software formerly known as CyberSense, is one of an increasingly common genre known as an Advanced Persistent Threat (APT) of the type that stole debit card numbers from Target or sensitive data and login credentials from any number of companies. What makes this recent attack noteworthy isn’t its basic design, operation or targets, but means of initial delivery: contaminated firmware on a type of industrial barcode scanner commonly used in the shipping and logistics industry. Similar to the technique used to introduce the infamous Stuxnet worm that took out Iranian centrifuges and managed to penetrate ostensibly highly secure networks via ordinary USB thumb drives, the so-called Zombie Zero worm invaded corporate data centers through a back door. [Continue reading…]

Facebooktwittermail