All the latest UK technology news, reviews and analysis

Clandestine Fox hackers spreading malware via Facebook, Twitter and LinkedIn

10 Jun 2014
Social Media

The hacker group behind a notorious campaign targeting a critical vulnerability affecting multiple versions of Microsoft Internet Explorer has altered its strategy to spread malware using social media, according to security firm FireEye.

FireEye senior threat analyst Mike Scott reported the Clandestine Fox hackers altered their attack strategy after Microsoft issued a patch for the IE flaw, in a blog post. Scott said FireEye uncovered the new attack campaign after detecting a number of malicious social network messages targeting its customers.

"The attackers used a combination of direct contact via social networks as well as contact via email, to communicate with their intended targets and send malicious attachments. In addition, in almost all cases, the attackers used the target's personal email address, rather than his or her work address," read the post.

"This could be by design, with a view toward circumventing the more comprehensive email security technologies that most companies have deployed, or also due to many people having their social network accounts linked to their personal rather than work email addresses."

FireEye director of technology strategy Jason Steer told V3 while the Clandestine Fox strikes are only targeting very specific groups, the effectiveness of the tactic means it is only a matter of time before the wider crime community learns from them.

"Sites like Facebook and LinkedIn are prime sites to look for and target people. If you create a fake profile with a throwaway email account you can be anyone you like and if you access it via Tor no one knows where you connect from either and hence hard to trace back. Then you connect with the target," he said.

"These types of attacks will be reused and recycled into attacks by other gangs in the cybercrime industry as the effectiveness of their APT-style attacks slows. It will then be used by hacktivists, lone hackers and then by general cyber criminals all looking to use their hack against targets of interest or finally against the general man on the street."

Steer recommended businesses take a variety of precautionary measures to protect themselves from future social media-based hack campaigns. These include deleting suspicious messages and requests from people you don't know without opening them and using long passwords that are not shared across multiple accounts.

Clandestine Fox is one of many hacker campaigns uncovered in recent months. Crowdstrike reported discovering a Putter Panda hack campaign spying on high-tech firms involved in space, aerospace and communications industries earlier this week.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Tech gifts for Christmas 2014

Is a new tablet on your wish list this festive season, or have they become yesterday’s fad?

Popular Threads

Powered by Disqus
iPhone 6 is available in silver gold and space grey

iPhone 6 video review

The best iOS handset to date

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Operational DBA

Operational Database Administrator / SQL server DBA...

Junior Digital Project Manager

Junior Digital Project Manager Our client a forward...

C# Developer (WPF, ACF, ASP.NET, MVC) London - Finance London

C# Developer (WPF, ACF, ASP.NET, MVC) London - Finance...

C++ Developer- Unix / Oracle / Mysql /

C++ Developer - West London C++ Developer urgently...
To send to more than one email address, simply separate each address with a comma.