Dubai: Companies in the UAE are among those recently targeted by hackers which managed to steal about 10,000 files from small-to-medium sized organisations (SMBs), gravely endangering thousands of email, social media and bank accounts.
Kaspersky Lab announced on Sunday that the cyber-spying campaign dubbed Grabit, which attacked organisations mostly in Thailand, India and the United States, has also affected the UAE, Germany, Canada, France, Austria, Sri Lanka, Chile and Belgium.
The list of targets includes media organisations, construction companies, as well as those operating in the education, chemicals, nanotechnology and agriculture industries.
It is believed that at least 2,887 passwords, 1,053 emails, 3,023 usernames from bank accounts, Outlook, Facebook, Skype, Google mail, Pinterest, Yahoo, LinkedIn, Twitter and many other hosts have already been stolen.
Kaspersky said the recent attacks show that hackers are not only out to steal sensitive information from huge organisations and private corporations, but small-and-medium sized companies as well.
“In the cyber world, every single organisation, whether it possesses money, information or political influence, could be of potential interest to one or other malicious actor,” the company said.
Kaspersky warned that the cyber-spying campaign is still active and it works by sending an attachment that looks like a Microsoft Office Word (.doc) file. Once the unsuspecting user clicks to download the attachment, a spying programme is delivered to the computer from a remote server that has been infiltrated by the hackers to serve as a malware hub.
To protect against Grabit, Kaspersky advised users to follow these rules:
Сheck this location C:\Users\<PC-NAME>\AppData\Roaming\Microsoft, if it contains executable files, you might be infected with the malware. This is a warning you should not ignore.
The Windows system configurations should not contain a grabit1.exe in the startup table. Run “msconfig” and ensure that it is clean from grabit1.exe records.
Don’t open attachments and links from people you don’t know. If you can’t open it, don’t forward it to others – call for the support of an information technology (IT) administrator.
Use an advanced, up-to-date anti-malware solution, and always follow the AV task list for suspicious processes.
