Slashdot Mirror


Sykipot Trojan Variant Stealing DoD Smartcard Credentials

Trailrunner7 writes "A new research report says variants of the Sykipot Trojan have been found that can steal Dept. of Defense smartcard credentials. The research, published in a blog post Thursday, is the latest by Alien Vault to look at Sykipot, a Trojan horse program known to be used in targeted attacks against the defense industry. The new variants, which Alien Vault believes have been circulating since March, 2011, have been used in 'dozens of attacks' and contain features that would allow remote attackers to steal smart card credentials and access sensitive information."

4 of 44 comments

  1. Re:Ouch! by HBI · · Score: 3, Informative

    They are frequently reissued and new certs generated. This causes its own issues, though. The reissued cards cost money and time, and they cause an issue when trying to decrypt old mail, for instance. Specifically, you can't.

    The whole PKI infrastructure thing has not been a glowing success in its largest known implementation.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  2. vulnerability in the Adobe Reader by Anonymous Coward · · Score: 2, Informative

    Per the Article:

    >> The Trojan is delivered to target systems in a corrupted PDF attached to spear-phishing e-mail messages. The PDFs exploited a previously unknown software vulnerability in the Adobe Reader program, the company said.

  3. Re:Authentication 101 by Jumperalex · · Score: 4, Informative

    If the Trojan can pull PKI credentials it can keylog PINs.

    --
    If you can't be good, be good at it!
  4. Re:Ouch! by jank1887 · · Score: 3, Informative

    Smart cards are not used without passwords. There's still a 'something you know' aspect to go along with something you have. It's just not the traditional login/password.