On April 17, 2013, FireEye reported on a series of spearphishing attacks against government agencies and aerospace, defense, and telecommunications companies in India and the United States.

The attachments which installed the malware varied considerably.  Some were blank, some were unreadable, some purported to contain contact data for a U.S. serviceman.  And some of the attachments were infected copies of an Indian researcher’s report on the Pakistani drone program.


FireEye reports on the various techniques that the attackers use to prevent detection. FireEye identified these evasion methods:

  1. The file specifies fake properties, pretending to be Google or Microsoft.
  2. The file is large, which is atypical of malware.  The large size also discourages detailed analysis.
  3. The file generates random data that gives it a unique hash.
  4. The malware uses clever programming tricks to evade detection by dynamic malware analysis systems.
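Item 3 is why an exact-hash blocklist misses each new copy. The following is an added example, not code from FireEye or from this page: it compares two constructed stand-in files by whole-file SHA-256 and by overlap of fixed-size block hashes. It assumes the random data is appended after an unchanged body; the block size, threshold and sample bytes are all choices made for the example.

```python
import hashlib
import os

BLOCK = 4096  # piecewise block size; an assumption chosen for this example

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def block_hashes(data: bytes) -> set:
    """Hash every fixed-size block so unchanged regions still compare equal."""
    return {sha256(data[i:i + BLOCK]) for i in range(0, len(data), BLOCK)}

def similarity(a: bytes, b: bytes) -> float:
    """Jaccard similarity of the two block-hash sets (0.0 to 1.0)."""
    union = block_hashes(a) | block_hashes(b)
    if not union:  # both inputs empty: treat as identical
        return 1.0
    return len(block_hashes(a) & block_hashes(b)) / len(union)

def triage(sample: bytes, known: bytes, threshold: float = 0.5) -> dict:
    """Compare a new sample with a known one by exact hash and by block overlap."""
    score = similarity(sample, known)
    return {
        "exact_match": sha256(sample) == sha256(known),
        "similarity": score,
        "related": score >= threshold,
    }

# Constructed stand-ins, not real samples: 64 distinct blocks of shared content
# followed by 8 blocks of per-copy random bytes (assumed to be appended).
BODY = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() * 128 for i in range(64))
SAMPLE_A = BODY + os.urandom(8 * BLOCK)
SAMPLE_B = BODY + os.urandom(8 * BLOCK)
UNRELATED = os.urandom(72 * BLOCK)

if __name__ == "__main__":
    print(triage(SAMPLE_B, SAMPLE_A))    # different hash, high block overlap
    print(triage(UNRELATED, SAMPLE_A))   # different hash, no overlap
```

Fixed-offset blocks stop matching if the random data is inserted before the shared content and shifts it; context-triggered piecewise hashing such as ssdeep is designed for that case.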

Employees’ email decisions compromise security.  IT needs to help employees make better email processing decisions. That is where SP Guard comes into play. Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly effective manner.

You can contact us at 408-727-6342, ext. 3, or use our online form.