{"id":3809,"date":"2019-11-11T09:37:39","date_gmt":"2019-11-10T21:37:39","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=3809"},"modified":"2019-11-11T09:37:39","modified_gmt":"2019-11-10T21:37:39","slug":"mastermana","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=3809","title":{"rendered":"“Request for Information” warning"},"content":{"rendered":"

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”4.9.2″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” hover_enabled=”0″ sticky_enabled=”0″]<\/p>\n

A recently released report on the Botnet ‘MasterMana’ has highlighted a simple but effective social engineering technique.<\/p>\n

 <\/p>\n

MasterMana has been spreading via emails requesting information on products or services offered by the target company.<\/strong>\u00a0 The email is accompanied by a spreadsheet and the recipient is requested to fill in the products\/service details into the attached Excel document. The document itself has macro which then connects to a outwardly harmless internet site.<\/p>\n

The true nature of the attack then happens silently, as the website runs code which downloads the real payload from yet another site. \u00a0 To further disguise the nature of the threat, this is all managed from a server which has a IP address associated with the USA rather than the usual suspect countries.<\/strong><\/p>\n

MasterMana has made the news as it steals user credentials<\/strong> and has been particularly active at targeting Bitcoin wallets.<\/strong>\u00a0 Prevailion (https:\/\/www.prevailion.com<\/a>) has calculated the cost of MasterMana was US$100 for the Trojan and US$60 a month for the server.\u00a0 Despite its low cost, Prevailion estimate that 2000 systems hit the MasterMana sites every week.<\/strong><\/p>\n

 <\/p>\n

When you compare that cost to the current value of NZ $13,216 for a single Bitcoin, its easy to understand why cyber crime is a fast growing industry.<\/h2>\n

We have seen a similar attempt run against Kinetics.\u00a0<\/strong> The attackers claimed to be a European based IT company looking for support in New Zealand.\u00a0 They asked us for a list of skills, certifications and our rates.\u00a0 We quickly identified that it was an attempt to scam us.\u00a0 The clue was that we received one email and in that first communication, they were already asking for our bank account details.<\/p>\n

Cybersecurity starts with your people.\u00a0 More credentials are given away than are hacked.\u00a0 Every organisation needs regular updates for your employees, awareness sessions for all staff, internal news postings and reports.\u00a0 <\/strong><\/p>\n

All of these will contribute to keeping security awareness alive.\u00a0 We are all targets for this type of crime and all of us need to be aware of the risks.<\/strong><\/p>\n

 <\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

A recently released report on the Botnet ‘MasterMana’ has highlighted a simple but effective social engineering technique.   MasterMana has been spreading via emails requesting information on products or services offered by the target company.\u00a0 The email is accompanied by a spreadsheet and the recipient is requested to fill in the products\/service details into the […]<\/p>\n","protected":false},"author":5,"featured_media":3810,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"A recently released report on the Botnet 'MasterMana' has highlighted a simple but effective social engineering technique.\n\n\"\"\n\nMasterMana has been spreading via emails requesting information on products or services offered by the target company.<\/strong>\u00a0 The email is accompanied by a spreadsheet and the recipient is requested to fill in the products\/service details into the attached Excel document. The document itself has macro which then connects to a outwardly harmless internet site.\n\nThe true nature of the attack then happens silently, as the website runs code which downloads the real payload from yet another site. \u00a0 To further disguise the nature of the threat, this is all managed from a server which has a IP address associated with the USA rather than the usual suspect countries.<\/strong>\n\nMasterMana has made the news as it steals user credentials<\/strong> and has been particularly active at targeting Bitcoin wallets.<\/strong>\u00a0 Prevailion ([wow_colorme]https:\/\/www.prevailion.com<\/a>[\/wow_colorme]) has calculated the cost of MasterMana was US$100 for the Trojan and US$60 a month for the server.\u00a0 Despite its low cost, Prevailion estimate that 2000 systems hit the MasterMana sites every week.<\/strong>\n\n \n\n[header2 text=\"When you compare that cost to the current value of NZ $13,216 for a single Bitcoin, its easy to\u00a0understand why cyber crime is a fast growing industry.\" align=\"left\" color=\"#336A40\" margintop=\"\"]\n\nWe have seen a similar attempt run against Kinetics.\u00a0<\/strong> The attackers claimed to be a European based IT company looking for support in New Zealand.\u00a0 They asked us for a list of skills, certifications and our rates.\u00a0 We quickly identified that it was an attempt to scam us.\u00a0 The clue was that we received one email and in that first communication, they were already asking for our bank account details.\n\nCybersecurity starts with your people.\u00a0 More credentials are given away than are hacked.\u00a0 Every organisation needs regular updates for your employees, awareness sessions for all staff, internal news postings and reports.\u00a0 <\/strong>\n\nAll of these will contribute to keeping security awareness alive.\u00a0 We are all targets for this type of crime and all of us need to be aware of the risks.<\/strong>\n\n ","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-3809","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/3809","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3809"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/3809\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3809"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3809"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3809"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}