Malware grabs passwords for various sites in Gulf States and the Caribbean
Government (Foreign) // Hospitality // Technology // Telecommunications // Other Critical Infrastructure // Gulf of Mexico
A worm guised as a PDF attachment in an email stole credentials from several government and industry personnel in the United Arab Emirates, Oman, Bahrain, and a couple of Caribbean islands.
The malicious software carried a keystroke logger, a mail password recovery tool, and a browser password recovery tool.
By analyzing output files generated by the worm, McAfee determined the victims ranged from local government entities to companies operating in the telecom, IT, travel, and natural resources sectors. The credentials the criminals acquired contained usernames and passwords for a variety of sites:
- Webmail of the victim’s institute/company
- Hotmail
- Internal CRM system
- News-site logins
- Travel reservation systems
- E-services for governmental institutes
- Firewall logins
- Tender site logins