Be wary of Trojan horse programs in Baidu search results: the number of victimized companies continues to rise

Recently, a research institute found that a hacker named "Valley Thief" is using Baidu search results to spread Trojan horse programs on a large scale, with a high degree of camouflage and concealment, and the number of victim companies is on the rise.

The investigation found that the hacker group carried out large-scale phishing attacks against financial, manufacturing and other industries. Tracing the source of the backdoor program confirmed that the sample was a backdoor Trojan horse program spread through search engine promotion, taking various disguised forms, or posing as a printer driver.

The seemingly harmless search results are actually a trap set by hacker gangs.

How does the Trojan horse trick the user?

When distributing the Trojan horse, the hackers disguise it as installation packages of various software, and when it is finally implanted they disguise it under the process name of normal software. The server used to download the malicious script code and the Trojan horse is the hackers' control server. The Trojan horse is relatively cunning: it uses methods such as short link addresses and server-side verification to evade tracking by analysts, and ultimately achieves the goal of controlling the target server and stealing data.

The business secret mail reminds all enterprises to remain vigilant and do the following:

1. Do not readily trust search engine promotions. When downloading software, go to the official website to download it;

2. Do not scan QR codes from unknown sources;

3. Do not trust or click on address links in emails, text messages or on the Internet;

4. Do not use low-strength passwords, and try to use different passwords on different platforms. Important systems such as corporate mailboxes need independent, high-strength passwords (letters + numbers + symbols);

5. Governments and enterprises need to encrypt all sensitive data to ensure their data security.

With the frequent occurrence of network security incidents, government, education, finance, manufacturing and other fields are often the industries that hackers focus on, because these industries hold a lot of important data. Once a system is invaded, hackers can easily steal a large amount of valuable data, and then peddle it or use it for direct extortion.

Therefore, key areas and key industries need to implement multi-level security measures to cope with increasingly complex network security challenges, so as to effectively protect their own data security.


Origin blog.csdn.net/cc18629609212/article/details/129851894