Nap Trojan uncovered copying New York Times attack methods

06 Feb 2013

Security firm FireEye has discovered new malware operating in the wild that boasts similar security-bypassing capabilities to the tools used to attack The New York Times.

FireEye warned that the malware, dubbed Nap Trojan, uses advanced techniques to bypass traditional security tools, increasing the likelihood that other firms could see their defences bypassed.

"Nap is yet another piece of malicious software that is being used by attackers in order to compromise PCs and then use them as the base from which to launch attacks," FireEye product manager and architect, Jason Steer, told V3.

"By infecting and then cycling through thousands of infected machines in a very short timeframe, hackers can evade detection; indeed many of the traditional security systems used today are unable to deal with this kind of attack."

Steer said Nap is particularly dangerous as it shares several common traits with the malware used in a recent attack on the New York Times.

"In that breach, the attacker used thousands of university computers as front-end agents, rotating the attack between these machines in order to avoid suspicion," said Steer.

"Nap also employs extended 'sleep' calls, a classic evasion tactic used by malware writers to help avoid analysis detection by security tools. Effectively this means the malware remains dormant for extended times; this could be 30 minutes or more, making it difficult to predict what it is actually going to do on a victim's PC."

At the end of January, The New York Times revealed it was the target of a prolonged cyber campaign originating from China.

The Chinese hackers reportedly mounted the attack as "payback" for a series of articles the paper published about the nation's prime minister Wen Jiabao.

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
