New Malware Attack Focuses on Syrian Dissidents

A phony protection device known as AntiHacker turns out to be spyware.

The actual Electronic Frontier Foundation (EFF) is warning of the brand new malware marketing campaign focusing on Syrian activists, journalists as well as opposition members.

"The most recent malware marketing campaign performs into users' concerns about safeguarding their own protection by providing the fake protection device called AntiHacker, which promises to provide 'Car-Safeguard & Car-Identify & Security & Quick scan as well as examining' [sic] ... While it proports to provide security against hackers, AntiHacker rather installs a remote access tool known as DarkComet RAT, which allows an attacker in order to catch web cam exercise, disable the actual notification environment for certain antivirus programs, report key strokes, steal security passwords, and more," write the EFF's Avoi Galperin and Morgan Marquis-Boire.

"According to the watchdog, AntiHacker utilizes numerous techniques to lure people of the opposition to install the program, including social media stations such as Myspace," writes ZDNet's Charlie Osborne. "However, at the time of writing, the tool's Myspace team was not available. "

"This isn't the first time that Syrian activists came below cyberthreat," notes CNET Information' Dara Kerr. "In Might, the Trojan viruses specific dissidents in both Syria and Iran tracking users that attemptedto avert government censorship. This particular Trojan viruses transported a cargo associated with adware and spyware which captured usernames, Internet protocol handles, as well as hostnames associated with customers; it also documented any key strokes joined. The edition of DarkComet that AntiHacker is actually running isn't yet detectable by any anti-virus software, based on EFF. Nevertheless, users can make use of the DarkComet Informer removal tool to find out regardless of whether their own computer systems are infected after which remove the adware and spyware."