projectz

Tech, Gadgets, Photography, Social Media and Poor Spelling

The back door to your LAN, all those cloud systems….

The bridge between consumer sites such as Evernote, Dropbox and Box and the corporate LAN has always been a rickety one at best, however the Push for BYOD and use of the cloud has lead to the opening of these services in some offices.. Well fool me once and all that.

An interesting article on Ars Technica http://arstechnica.com/security/2013/03/evernote-so-useful-even-malware-loves-it/ covers an interesting back door being used by some malware hooking into these popular cloud based services.

The backdoor malware, designated as VERNOT.A by Trend Micro, is delivered via an executable file that installs the malware as a dynamic-link library. The installer then ties the DLL into a legitimate running process, hiding it from casual detection. Once up and running, the backdoor starts to collect information about the system it has made its home—the computer’s name, the person and organization identified as its registered owners, the operating system version, and its timezone. Then it connects to Evernote—specifically the Chinese interface to the Evernote service—to fetch information from notes saved in an account, including commands to download, run, and rename files on its host system.

Basically as sysadmins spend their time shoring up the usual suspects and fighting the scourge of email borne malware it’s getting harder to get in, so the new generation of nasty is hijacking the popular cloud based systems which users have nagged and cited as being secure..

Not sure just how prevalent this is, however if it is wild it’s very scary stuff.. I would be interested to see Evernotes reaction to this, they have historically been good at tightening up when they need to.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on March 28, 2013 by in comment, ilike, Uncategorized and tagged , , , , .
%d bloggers like this: