Bangalore: Social engineering is emerging as one of the most widely used and effective methods cybercriminals use to deceive victims. It is also being adopted by scammers who traditionally relied on basic spam emails and are now moving to more complicated methods.
Hawkeye, a keylogger tied to Predator Pain and Limitless, has recently been exposed by Trend Micro. Two Nigerian hackers, identified by the aliases Uche and Okiki, were using the malware to gain access to SMBs across the globe through holiday-themed social engineering techniques, and were successful to some extent. These scammers were using the Hawkeye keylogger to steal email and website credentials, as well as logging credentials. These hackers are patient: they build a level of rapport with their victims through a series of emails before delivering the malware-infested attachment. The victim remains unaware of the attack on their system because the attachment is disguised by the encryptors.
Additionally, the Nigerian duo covered their tracks by using SMTP for exfiltration, as well as by maintaining multiple email accounts in 90 percent of the campaigns. It is also notable that this complicated methodology is a departure for Nigerian hackers, who generally use simpler methods of attack such as generic spamming.
Speaking about the issue, Dhanya Thakkar, Managing Director, Asia Pacific, Trend Micro, says, “Hackers have now been witnessed attacking SMBs and it is essential for us to be ready to combat any such attacks. As per our recent research, we believe that social engineering techniques which are being extensively utilized by SMBs have emerged as the route for these hackers. As a regular practice, along with offering best of solutions, we will continue to inform our existing and prospective users on any such advanced persistent threats.”