REPOST: New information-theft malware 'Napolar' is gaining traction, researchers warn

The number of infections caused by a malware called Solarbot/Napolar has significantly increased during the past few weeks, according to antivirus vendor AVAST. The article below reports on the active development of the said malware.

IDG News Service — A new piece of information-stealing malware that appeared earlier this year has been rapidly gaining traction during the past few weeks, with hundreds of infection attempts being detected every day by antivirus vendors.

The malware is called Solarbot and its creator first started to advertise it to cybercriminals in May, security researchers from antivirus vendor Avast said Wednesday. The number of infection attempts using this malware increased significantly over the past few weeks, the researchers said.

Image Source: www.news.mindprocessors.com

Researchers from antivirus vendor ESET have also been tracking the same threat. "We have uncovered many details about this bot since it became active at the end of July, with in-the-wild infections starting mid-August," they said. "There have been reports of thousands of infections, many of them in South America."

Both Avast and ESET antivirus products detect the malware under the name Napolar.

Solarbot/Napolar is advertised through a professional-looking and publicly accessible website that lists the malware's features and tracks the development progress in an actively updated changelog. The site also provides a manual for using the malware and information on how to develop plug-ins for it.

According to the ESET researchers, buying the malware's binary file, which can be used to infect computers, costs US$200.

Image Source: www.macforensicslab.com

Solarbot is able to launch several types of DDoS (distributed denial-of-service) attacks, can act as a reverse SOCKS5 proxy, steal POP3 and FTP login credentials from many email and FTP clients, and steal information entered by victims into Web forms in Internet Explorer, Mozilla Firefox or Google Chrome.

However, the malware's functionality can be extended through plug-ins. The bot's developers offer a plug-in SDK (software development kit) and also provide some example plug-ins to steal Bitcoin wallets or collect computer information.

According to data received by Avast from installations of its products, infection attempts with Solarbot are detected on several hundred unique computers every day. The malware's distribution seems to be global, but the most-affected countries are Colombia, Venezuela, Peru, Mexico, Argentina, Philippines, Vietnam and Poland.

Image Source: www.bizreport.com

Researchers from ESET suspect that the malware is spread through compromised Facebook accounts, because some of the samples found so far have names like "Photo_032.JPG_www.facebook.com.exe." The malware can steal Facebook log-in credentials using its form-grabbing feature, so attackers can use those credentials to access Facebook accounts and spread the malware to other people, the researchers said.

Although this bot is similar in functionality to Trojan programs like Zeus or SpyEye that are already widely used, its popularity might grow because it is actively maintained, easy to use and can be extended easily through plug-ins, the ESET researchers said.

Due to its solid malicious performance and reasonable price of $200, this bot could be on the rise in the near future, the Avast researchers warned.

Ron Hovsepian currently heads IntraLinks Inc., a recognized leader in software-as-a-service computing. Read more about secure online data management on this website.

Data security: Knowing the risks during M&As

The digital age presents many businesses with a whole range of opportunities to streamline processes, reach broader markets, and save money.  However, it has also brought in new threats, particularly in terms of corporate espionage and other forms of illegal data leaks.  Protecting proprietary data and the data entrusted by customers to the company requires great effort, which in itself can be a hindrance when collaborating or merging with another company.

Image Source: www.logtas.com

There are many reasons for protecting corporate data.  Proprietary data, which include documents on the company and details of operations, is vital in maintaining competitive edge over other companies.  For companies with large amounts of data from customers in storage, they are held responsible for the management of that data and its protection from unscrupulous individuals who wish to use it for illegal purposes.

Image Source: www.itpro.co.uk

Unexpected malicious breaches aside, one of the many sources of potential data leakage is the process of mergers and acquisitions, where two companies begin exchanging vital data to break ground for their collaborative endeavors.  Leaks in this process could come about from giving information by accident to people and parties other than the intended recipients.

Image Source: www.blog.rjssoftware.com

Ron Hovsepian is the President, CEO, and Chair of Intralinks, a company that provides secure data sharing infrastructure for companies. Visit this website for more information on data security for mergers and acquisitions.

REPOST: Australia: M&A Predator or Prey?

Intralinks correspondent Samantha Marks discusses Australia’s growing role in the global economy and what it means for Australian companies, which stand in between seizing their opportunities on their and being to those by other countries. Read this article in full at the Intralinks blog.

The Australian economy is in a very strong position compared to most locales around the globe. The current environment is perfectly suited to local business adopting a predatory role in global business transactions by seizing opportunities, moving decisively and adapting to new trends in due diligence.

Image source: foxnews.com

But increased interest in Australian assets could lead to local business becoming the hunted instead of the hunter if they wait too long or fail to adapt.

The recent Dealmakers ANZ event in Sydney hosted an intelligent and thought provoking panel discussion about the challenges and opportunities changing the shape of the M&A landscape.

Image source: vatis.com.au

Should earn-outs be restructured? Nick Humphrey, partner with law firm Sparke Helmore, thinks Australia should learn from how these are structured in the US and UK but his peer Mark Stanbridge of Ashurst is not so sure.

Image source: andrewboon.com

How should business adapt to longer due diligence cycles? Matt Porzio, Vice President of Strategy and Product Marketing, points out that while there are comparatively fewer bidders on deals, the amount of information reviewed under due diligence has increased by 40% year on year. Addressing this growing data challenge without losing momentum on deals has made the use of the right technology even more crucial. Peter Dunne of Herbert Smith Freehills agrees technology creates the opportunity for the buy-side to effectively flip control of the deal instead of waiting for the sell-side to set the parameters.

Why are ‘bear hugs’ becoming an increasingly popular and aggressive tool by predatory companies? Jonathan Algar, partner at law firm Clayton Utz, suggested that bear hugs have “taken the place of the hostile takeover,” by putting price pressure on target boards and forcing due diligence without a commitment to proceed to a takeover.

With the latest Deal Flow Indicator results indicating a return to strength in the market, M&A professionals will be poised to leap on emerging opportunities. Just don’t stand still too long in the tall grass.

Ron Hovsepian is the President, CEO, and director of Intralinks, a company that provides secure inter-enterprise collaborative solutions over the cloud. Visit this webpage for more updates.

Repost: Daily Report: Roots of a Rivalry in Cloud Computing

In any booming industry, rivalries are inevitable. In this article, The New York Times delves into the storm cooking in the Cloud.

If the Hatfields and McCoys lived in Silicon Valley, they would be fighting with piles of cash and lines of software code instead of knives and shotguns. And the fight would be over who wins the most customers in the computer industry’s growing “cloud” of software services, Quentin Hardy writes in The New York Times.

That is how it is for Aneel Bhusri and Zachary Nelson, whose companies are in contention over the next major shift in computing. In a way, the men are reliving history.

Two decades ago, their mentors feuded, and that time, too, the dispute took place against the backdrop of a major shift in corporate computing — when customers gave up their mainframes and moved to software that relied on personal computers closely connected to a server.

Mr. Nelson, the chief executive of NetSuite, used to work for Lawrence J. Ellison, the billionaire chief executive of Oracle.

Mr. Bhusri, co-founder of a competitor company called Workday, used to work for David Duffield, a rival of Mr. Ellison’s. Mr. Duffield is the low-profile founder of PeopleSoft, a once-powerful maker of corporate software that Oracle acquired in a bitter, 17-month hostile takeover fight.

How bitter? Oracle defeated a federal antitrust lawsuit brought by the Justice Department before it could reel in its rival. And a month after PeopleSoft was acquired, 5,000 of its 11,000 employees were laid off.

Together, NetSuite and Workday are among a growing circle of technology outfits poised to cash in on the migration to cloud computing services and perhaps elbow aside today’s corporate software giants, like Oracle and the German company SAP.

Ron Hovsepian corporate offers collaborative solutions based on the cloud. More information on its services can be accessed on this website.

Introduction to Cloud Computing by YouTube

How Microsoft handed the NSA access to encrypted messages | World news | The Guardian

 Eye-opening news for Silicon Valley

How Microsoft handed the NSA access to encrypted messages | World news | The Guardian

Reasons why cloud computing is booming

Image source: telefonica.com

In recent years, the cloud computing industry undoubtedly rose to a higher level. Gone are the days when people and tech experts were questioning its capability to manage a company and an industry in the online world alone; doubts on the possibility of putting an entire industry profile on cloud have been dispelled. But no one can blame companies that still couldn’t turn over their hard copies to the InterWeb—change, especially a major one, is always difficult to deal with.

The reasons behind the cloud computing boom, if explained to a traditionalist who doubts the powers of this technology, are not really technical and are rather practical. Yes, trades and firms finally gave in to the promises of cloud computing for reasons simple and understandable.


Image source: limefresh.biz

Affordable. With only Internet connection to rely on, being on cloud means there will be more physical space in the office –servers where office documents, employee profiles, operation details, and business plans are no longer needed. This being said, it means that being on cloud means “going green,” too. The company can save money on energy bills and can use the extra space to house more employees.

Saves time. In cloud computing, the trade owner lets everything to the cloud server. All he needs to do is let the program do the work for him—from organizing files and computing transactions and employees’ salaries to verifying works that need double checking. The work flow is more streamlined, saving time and eliminating error.

Safe. In cloud computing, everything is secure, since no burglar or thief can physically steal information from the Web. And the experienced hackers? There are many anti-hacking software and security measures online, all offered by the cloud provider.


Image source: orangeandbronze.com

Ron Hovsepian, a seasoned expert in data management, serves as the president, CEO, and director of IntraLinks, Inc. Visit this website for more updates on the online data management industry.