Hackers Targeting Law Firms, FBI Warns
The FBI is warning U.S. law firms to beware of hackers. The FBI said this week that hackers are using phishing e-mails with malicious payloads to target law firms and public relations firms. "During the course of ongoing investigations, the FBI identified noticeable increases in computer exploitation attempts against these entities," the warning said.
"Phishing" refers to the use of e-mail or instant messaging to trick the recipient into providing personal or sensitive information, such as user names, passwords and credit card information. Generally, the message draws the recipient to a Web site designed to replicate a legitimate site, where the recipient is asked to provide this information. In this case, the scam involves an e-mail that installs a malicious program to search for sensitive data.
The FBI warning said that the scam targeting law firms arrives as an e-mail that includes an attachment or a link. The e-mail appears to arrive from a trusted source based on its subject line and attachment name. Opening the message itself is not harmful. But if the recipient opens the attachment or clicks on the link, it launches a self-executing file that then attempts to download another file. Once that malicious file is installed, it searches for sensitive files and sends them to a computer server outside the firm -- and usually outside the United States.
The malicious file does not necessarily appear as an "exe" file. In some cases, it appears as a "zip," "jpeg" or something else. Once executed, it will attempt to download and execute the file "srhost.exe" from the domain "http://d.ueopen.com." Any activity on a firm's network associated with "ueopen.com" should be considered evidence that the network is compromised, the FBI says.
"Law firms have a tremendous concentration of really critical, private information," Bradford Bleier, unit chief with the FBI's cyber division, told The Associated Press. Infiltrating those computer systems "is a really optimal way to obtain economic, personal and personal security related information."
In 2008, a major New York law firm was hacked into in an attack that originated in China, the AP report said. The hackers that target law firms are often going after ones that are negotiating a major international deal. "The best documents to steal are in the law firm that represents that company," Alan Paller, director of research at computer-security organization SANS Institute, told AP.
Posted by Robert J. Ambrogi on November 20, 2009 at 03:12 PM | Permalink
| Comments (1)