Gotham Security Daily Threat Alerts

By Gotham
Posted in Security
On June 17, 2013

June 14, Softpedia – (International) RARSTONE RAT used in targeted attacks against Asian organizations. Trend Micro researchers identified a cybercrime campaign dubbed Naikon that uses the RARSTONE remote access trojan (RAT) to take control of targets’ computers. The campaign has been seen targeting media, energy, and government organizations in Asia and spreads through spearphishing. Source:

June 14, Softpedia – (International) Flash Player clickjacking flaw allows hackers to hijack your webcam. A researcher discovered a vulnerability in Adobe’s Flash Player that can be exploited to access a user’s webcam and microphone if the user is using the Mac version of Chrome, Linux, Chromium, and possibly other configurations. Source:

June 14, Softpedia – (International) AnonGhost claims to have hacked Mozilla emails, company responds. Mozilla reported that 50 email addresses were published by hackers associated with the AnonGhost group but that 16-character strings published with them were activation codes for Mozilla blogging software and not passwords as the hackers claimed. Source:

June 13, Softpedia – (International) Kilim trojan hijacks social media accounts with rogue browser extensions. Microsoft researchers found that the Kilim trojan uses malicious Chrome browser extensions to hijack targets’ social media accounts. Source:

June 13, Threatpost – (International) iOS 7 beta bug enables lockscreen bypass. An iPhone user published a demonstration of a method to bypass the lockscreen on phones running the beta version of Apple’s iOS 7 mobile operating system. Source:

June 13, Threatpost – (International) Zeus money mule recruiting scam targets job seekers. Attackers involved in a Zeus trojan campaign configured their variant of the banking malware to redirect users trying to access CareerBuilder to a fake jobs Web site in an attempt to recruit them as money mules for the fraud operation. Source: