Russian hacking tool gets extra stealthy to target US, European computers

From CNET: Russian hackers have a new tool up their sleeve to gain access to sensitive computers without getting caught, cybersecurity experts say. And they're using it to target US and European government entities, as well as a former territory of the Soviet Union.

Cybersecurity firm Palo Alto Networks described the hacking tool, which it calls "Cannon," in a blog post Tuesday. Cannon is a piece of malicious software that hackers sneak onto target computers and use to take screenshots of the infected computer's homepage. Then the software uses email to send the images back to the hackers and receive new instructions. It's like a spy camera on your computer that can send images back home, apparently to Russia.

Palo Alto Networks believes the hackers behind Cannon are a group that intelligence officials have concluded is part of Russia's military spy agency, GRU. Sometimes called Fancy Bear, the hacking group was also blamed for hacking the Democratic National Committee in 2016.

The hacking tool's use of email to send information to accounts where the hackers can reach it is both clever and new, said Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks. It's part of a bigger picture in which sophisticated hackers stage elaborate, Ocean's Eleven-like attacks on computer networks in which nothing is as it seems, all to avoid detection for as long as possible. And as quick as experts get at detecting those evasive techniques, hackers from groups like Fancy Bear change things up.

View: Article @ Source Site