Internet giant Yahoo has admitted to a hack that occurred in 2014 and compromised at least half a billion of its users, making it the largest data breach in history. The stolen information included names, email addresses, telephone numbers, birth dates, encrypted passwords, and in some cases, encrypted and unencrypted security questions and answers.
Based on an investigation, Yahoo believes that the compromise was the work of a “state-sponsored actor,” but it did not name the country involved or say how the company discovered the hack almost two years later.
Yahoo has urged users to change their passwords and is invalidating existing security questions.
The Qadars Trojan first appeared in 2013 and was configured to attack banks in France, the Netherlands, Australia, Canada and the US. It has recently been updated to target UK financial institutions as well. Qadars supports browser process hooking, form grabbing, cookie theft, web injection attacks, a domain generation algorithm (DGA) for hiding and connecting to its botnet, and a powerful automated transfer system (ATS) panel for real-time fraudulent transactions.
The updated code for Qadars displays a high level of sophistication: it shows the user a Windows security update pop-up. Once the user agrees to install the update, the trojan leverages the click to bypass the Windows User Account Control (UAC) protection and install a more intrusive module to gain better control of the PC.
*IP addresses provided by Recorded Future.