Vawtrak Malware: Back from the Dead
The digital age is nothing if not wrought with one security and privacy issue after the other. And there is no platform, no device, no nothing that is safe from digital threats. If something exists and is real in the digital world, the likelihood is that there is something or someone out there targeting it. But it’s not all gloom and doom as there aren’t that many problems that have absolutely no solutions. Of course then there are also peculiar cases of problems once forgotten that rise from the dead.
Vawtrak: One More Time
For those who remember Vawtrak is the same malware that emerged during the mid 2000s. Phishlabs is now reporting that it isn’t quite as dead as we all thought, and hoped, that it would be. Back in the day the malware was found making life miserable for Japanese financial forms. It didn’t take it long to expand to online retails, social media websites, game portals, and what not. The growth it experienced was exponential. So when it was eventually assumed to be an old story with no future implications many security experts beemed.
Back from the Dead
Since Gameover Zeus and Shylock were pulled down recently, it is now being predicted that Vawtrak will use this as the perfect opening to up the ante on its operations. The analysts over at Phishlabs noticed Cutwail had an interesting activity going on, i.e. Vawtrak lures. Cutwail holds the honour of being the current largest spam sending botnet in the entire world. This time around Vawtrak was found injecting a spam template into the Cutwail. The main targets can be assumed to be DocuSign and AT&T which are what Cutwail aims to abuse to begin with.
At present victims of Vawtrak are restricted to Australia, Turkey, UK, Canada, Slovakia and the US. Vawtrak as it exists now actually have the capacity to gain access to more personal data than ever before. It does this by using webinjects to target its victims. The worst part is that it won’t always be easy for authorities to find and stop this kind of activity because the strategies being used are too sophisticated.
As the Cookie Crumbles
The Vawtrak is one more threat that we been to be vigilant about. It’s a reminder that threats spread and they spread fast and we cannot take for granted the need for security at any given point in time. Users can actually make sure that they don’t fall prey to such stuff simply by being a bit more prudent about their digital habits. For instance, using an open Wi-Fi is a bad idea in general, it’s an even worse idea if you are using it to access sensitive information. Train yourself to avoid doing stuff which seems innocuous but can get you into trouble. Invest in firewalls, anti-viruses, and general common sense when online. Cybercriminals will always exist, but there is no reason one has to fall victim to their maneuvers.