Two Italians Arrested On Suspicion Of Distributing EyePyramid Malware

A lot of hacking incidents around the world go by without ever knowing which vulnerability was abused by cyber criminals. EyePyramid, a notorious type of malware, has been allegedly used in high-profile Italian hacks. More importantly, two people have been arrested for attacking private and public Italian citizens, including high-profile members of society. Over 87 GB of sensitive information has been obtained through EyePyramid, making it a very successful malware type.

A Closer Look At The EyePyramid Malware

Throughout the years, the world has seen various types of malware. In most cases, this malicious software is spread through phishing or spam email campaigns. In the case of EyePyramid, it was distributed through a spear-phishing campaign. More specifically, the campaign targeted residents of Italy, both in the public and private sector. The sole purpose of this malware was to obtain a much information as possible.

Spreading this sophisticated type of malware allowed the people running EyePyramid to compromise email accounts. The most notable incidents revolved around infiltrating attorney email accounts, as well as compromising the mailboxes of law firm associates. All it takes is one person to download and open the malware-laden email attachment to gain full access to their system and credentials.

Detecting this new malware has proven to be quite a challenge. As is usually the case, criminals usually tend to obfuscate parts of the source code. Using this trick does not make an analysis of the malware samples any easier either. It took quite some time to figure out the necessary information about the command and control server.

That said, law enforcement officials were able to track down the people who are responsible for spreading the EyePyramid malware. The criminals paid for the MailBee.NET.dll API; a library used to build custom email software. Using this library, the criminals could send out the obtained data to email addresses owned by the crooks.

Unfortunately for them, it is paying for this library that allowed law enforcement agents to arrest two suspects earlier this week. Two Italian citizens have been arrested thanks to a collaboration between the FBI and Italian authorities. It appears they are the ones responsible for obtaining 87 GB worth of sensitive data, all of which was gathered by EyePyramid. It is possible the total amount of data obtained is higher, as the investigation is still ongoing right now.

This is yet another example of how malware threats should never be underestimated. Anyone can become a target for online criminals, regardless of which walk of life they come from. Information is power, and there is always someone willing to pay to gain knowledge about a specific topic or individual. Malicious email attachments remain the most popular way of spreading malware; that much is certain.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.