In case you’re asking yourself, no, there’s nothing sacred to some people in this world and that includes veterans. If you’re a veteran in search of a job then you need to be aware of a bogus website that will infect your computer with malware. This bogus website is masquerading as a legit job search tool for veterans.
The website is said to go by the name Hire Military Heroes and even had a moving front page with the iconic image of soldiers raising the flag at Iwo Jima. The hackers used the website to deploy a fake installer app that injected malware and spying software onto the victim’s computer.
The malware sent back hardware and firmware versions of the target computer as well as its patch level, number of processors, network configuration, domain controller, screen size, and admin name. Cisco Talos made the discovery and had this to say about the data being sent back:
“This is a significant amount of information relating to a machine and makes the attacker well-prepared to carry out additional attacks,” Cisco Talos said, adding it has the potential of affecting a lot of people.
“Americans are quick to give back and support the veteran population … this website has a high chance of gaining traction on social media where users could share the link in the hopes of supporting veterans.”
Cisco and Symantec say the threat actor is Tortoiseshell, which was also found to be behind an IT provider attack in Saudi Arabia (CNET).
Cisco Talos has a more in-depth overview of the inner workings of the bogus veteran website, so be sure to check out their blog. According to CNET, Cisco hasn’t said if anyone has been affected by this latest attempt at harvesting user data. It was also reported that well-meaning individuals have been sharing this website on social media. Please stop sharing this bogus veteran site.
Source: CNET