Breaking News

Showing posts with label Website. Show all posts
Showing posts with label Website. Show all posts

Tuesday 15 September 2020

Evilnum Hackers Targeting Financial Firms With A New Python-based RAT

 Evilnum Hackers Targeting Financial Firms With A New Python-based RAT

An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan (RAT) that can steal passwords, documents, browser cookies, email credentials, and other sensitive information.

In an analysis published by Cybereason researchers yesterday, the Evilnum group has not only tweaked its infection chain but has also deployed a Python RAT called "PyVil RAT," which possesses abilities to gather information, take screenshots, capture keystrokes data, open an SSH shell and deploy new tools.

"Since the first reports in 2018 through today, the group's TTPs have evolved with different tools while the group has continued to focus on fintech targets," the cybersecurity firm said.

"These variations include a change in the chain of infection and persistence, new infrastructure that is expanding over time, and the use of a new Python-scripted Remote Access Trojan (RAT)" to spy on its infected targets.

Over the last two years, Evilnum has been linked to several malware campaigns against companies across the UK and EU involving backdoors written in JavaScript and C# as well as through tools bought from the Malware-as-a-Service provider Golden Chickens.


Back in July, the APT group was found targeting companies with spear-phishing emails that contain a link to a ZIP file hosted on Google Drive to steal software licenses, customer credit card information, and investments and trading documents.

While the modus operandi of gaining an initial foothold in the compromised system remains the same, the infection procedure has witnessed a major shift.

Besides using spear-phishing emails with fake know your customer (KYC) documents to trick employees of the finance industry into triggering the malware, the attacks have moved away from using JavaScript-based Trojans with backdoor capabilities to a bare-bones JavaScript dropper that delivers malicious payloads hidden in modified versions of legitimate executables in an attempt to escape detection. 

"This JavaScript is the first stage in this new infection chain, culminating with the delivery of the payload, a Python written RAT compiled with py2exe that Nocturnus researchers dubbed PyVil RAT," the researchers said.


The multi-process delivery procedure ("ddpp.exe"), upon execution, unpacks shellcode to establish communication with an attacker-controlled server and receive a second encrypted executable ("fplayer.exe") that functions as the next stage downloader to fetch the Python RAT.

"In previous campaigns of the group, Evilnum's tools avoided using domains in communications with the C2, only using IP addresses," the researchers noted. "While the C2 IP address changes every few weeks, the list of domains associated with this IP address keeps growing."


While Evilnum's exact origins still remain unclear, it's evident that their constant improvisation of TTPs has helped them stay under the radar.

As the APT's techniques continue to evolve, it's essential that businesses remain vigilant and employees monitor their emails for phishing attempts and exercise caution when it comes to opening emails and attachments from unknown senders.


Found this article interesting? Follow THN on Facebook, Twitter  and LinkedIn to read more exclusive content we post.

Wednesday 9 September 2020

Best Hacking Websites

 

Best Hacking Websites


Here are the Best hacking websites for ethical hacking practice. Do you want to practice ethical hacking on websites, but didn't know where to do it? Then you are in the right place. In this guide, We have created a list of Best hacking websites for you on which you can do ethical hacking legally.

There is a very high demand for Ethical hacking and cybersecurity skills. Almost everything such as web applications, mobile devices, etc are connected to the internet. So it is not surprising that the people who love ethical hacking want to practice their hacking skills, Just for them, these hacking websites are made to sharpen their skills.

Almost every day in the ethical hacking forums I found the newbies asking for hacking websites or from where they can learn to hack. Especially for them, I have done the research and then created a list of best hacking websites on which you can learn ethical hacking, and also you can test your ethical hacking skills.

I know most of you may have completed a bunch of ethical hacking tutorials. Now your next step should be to practice your skills. It might be unethical and illegal to test your skills on other websites and products. So for you, we have created a list of hacking websites on these websites you can legally practice your Ethical hacking skills.

Below is the list of some best hacking Websites:

1. Hack This Site

Hack this site is a free hacking website for hackers to test and expand their hacking skills. In order to use this site for ethical hacking just register on the website for free and get started. After registering successfully you will find the tasks that are divided into several categories such as phreaking, forensics, steganography, etc.

This hacking site also provides you with ethical hacking articles and a forum where users discuss their problems related to cybersecurity.

The developer of the website recently announced that the website is coming with some big updated and improvements.


2. Hack The Box

Hack The Box is one of the best hacking websites to test your skills. Same like hack this site the tasks are divided into various categories. This site also has many live machines that are updated continuously in a specified period of time.

Joining Hack The Box is a little tricky you need to take their hack invite code challenge. If you are able to get the invite code then only you can register on the site. 

Hack The Box is free but also contains private labs. This website is perfect for beginners as well as for professionals.


3. Root Me

Up to 377 challenges are available for you on this hacking site. It is one of the best hacking websites in the list that offering you a way to learn a lot of hacking technics.

There are dozens of virtual environments available you can access all of them just with few clicks. This may give you a realistic learning environment, without any limitation.

This is The fast, easy, and affordable way to train your hacking skills. In order to use this site just register on the site, and challenge your hacking skills by completing hacking challenges.

The website is available in the following languages: English, French, and Deutsch.


4. Pentester Lab

The site provides lots of vulnerable systems that can be used to test vulnerabilities. The lab covers everything from basic bugs to advance vulnerabilities. This hacking website will provide you with the best environment that will help you learn but you'll also have fun doing it.

Using a pentester lab is the easiest and convenient way to learn penetration testing. You can work with vulnerabilities both online and offline. The online option is available only for those who have Pentester Lab Pro subscription.

The pentester lab pro subscription will cost you $34.99/3 Months if you are a student, and if you are an individual then it will cost you $19.99/Month or $199.99/Year.


5. Game of Hacks

Through this hacking website, you can easily test your hacking skills in a fun way. On this website, you will be presented with the piece of vulnerable code and your task is to find out which vulnerability exists in the given code. You will be provided with the multiple-choice answers to find the correct vulnerability in the code.

I found this site as one of the best hacking websites to test your hacking skills in a fun way. There is even no need to register on the website. Just go to the web address and start testing your skills.

This website will also help to improve your coding skills.


6. Hack Me

Hack.me is a FREE, community-based project powered by eLearnSecurity. The website contains a large collection of Vulnerable web applications on which you can test and increase your ethical hacking skills.

The platform is available free for all without any restriction just you need to register on the website and get started with the vulnerable web application.

You can taste your hacking skills in a secure and isolated sandbox.


7. Defend the Web

If you are looking for an alternative to "Hack this site" then this is the best website to go with. This website contains lots of tasks on different levels. By performing these tasks on the website you can increase your skills from beginner to advance level. 

After successful completion of the task, you will get points depending on the difficulty level of the task.

The team of "Defend the Web" also provide you with ethical hacking articles and also they have a hacking forum where you can discuss the errors or problems that you are facing while solving the task.


8. Hellbound Hackers

Hellbound hacker is another one of the best hacking websites, You will find most of the tasks unique here. You will get tasks such as application patching and time-limited tasks. In patching tasks, you are given a vulnerable piece of code and you need to suggest a fix for this vulnerability.

There are many hacking articles available on the website, these articles will also help you to improve your skills. You can also discuss the task that you are completing on the forum of hellbound hackers.

You just need to register on the website. After successful registration, you will start receiving hacking tasks from the website.


9. OverTheWire

OverTheWire community provides you Wargames through which you can test and increase your skills in a fun way. 

OverTheWire helps you to learn the security concepts in the form of fun games. In order to play, You need to connect to the game using SSH port. Please note that every game has a different SSH port.

10. Enigma Group

Enigma Group is one of the oldest hacking websites that provide over 350+ tasks all the tasks are focused on OWASP top 10. This site hosts weekly as well as monthly CTF challenges.

In order to use the Enigma Group website to increase your hacking skills, You just need to register on the website. After successful registration, you can start completing the tasks.

Currently, the website has over 20,230 users.


11. Google Gruyere

This website is full of vulnerabilities and bugs this website is best for those who are just starting to learn about application security.

This website shows you how to exploit any web vulnerability and how can you protect against these vulnerabilities.

By using this site you can easily hack web applications using attacks like XSS and XSRF. 

You don't even need to register on this website. You can get started just by going on to the website.


12. w3challs

w3challs offers you security challenges that help you to practice ethical hacking. You will get most of the CTF tasks on this website.

You just need to find the vulnerability in the system. After that, you need to exploit the vulnerability that you discover and after that, you need to capture the flag to own the flag. By doing that your level will get increased, and also you will learn many things.

If you are badly stuck on the task then you can ask for help on their forum.