In December, hackers claiming to be affiliated with Anonymous attacked and gathered information from the servers of private intelligence firm Strategic Forecasting Inc. (Stratfor) and posted the information online. “That trove allegedly includes 860,000 usernames, emails, and md5-hashed passwords; data from 75,000 credit cards, including security codes used for no card present transactions; and over 2.5 million Stratfor emails, internal Stratfor documents from the company’s intranet, and support tickets from it.stratfor.com,” Wired reported.
Now, the New York Times reports that criminals are misusing the data culled from Stratfor:
Stratfor customers began receiving e-mails from what, at first glance, looked like Stratfor. An attached PDF file came with what looked like Stratfor letterhead. It warned of the risk of “harmful software” and asked the user to download an antivirus program by clicking on an embedded link. As it turns out, the link downloaded a piece of malicious software. It was detected by Microsoft’s Malware Protection Center, which posted about it on its blog this week.
It’s a classic example of what is known as social engineering — tricking unsuspecting Internet users into downloading malware that can in turn be used to extract financial gain. The social engineering messages are often disguised as e-mails from friends and associates. And often they take advantage of current events or holidays, inviting unwitting users to click on links for greeting cards or celebrity photos. […]
Microsoft said the link actually downloads a password-stealing program. “The link displayed in the e-mails appears legitimate at first glance, but looking closely at the target address, you notice that it doesn’t originate from the address in the e-mail text,” Microsoft points out in its blog post. “Stratfor is based in Texas, United States, however the download URL is located somewhere in Turkey.” […]On Feb. 7, Stratfor’s president, George Friedman, issued a notice on the company’s Facebook page warning subscribers not to open links in e-mails that appear to be sent by Stratfor. He went on to say that Stratfor itself would discontinue sending e-mails with links.