What is VEEZO?
VEEZO is a cloud-based virtual security officer designed for businesses of all sizes. It guarantees you the highest level of cyber protection possible in an ever-changing world of cyber criminality.
VEEZO is a NextGen Virtual and Automated security incident management service.
VEEZO instantly protects any business from cybercrime!
Against which kinds of cybercrime can VEEZO protect you?
Exploits, Ransomware, Data Loss, Threats, Bots, DDoS Attacks, Software Vulnerabilities, Malicious Web Sites, Cryptolockers, Cryptominers, Malware, Adware, Trojans and a lot more…
What does VEEZO do?
Accurately identifies suspicious and malicious activities in real time, 24/7.
Understands and classifies all network traffic.
Protects and responds instantly against any known and new threats.
Alerts designated people in real time of any suspicious activity, and sends them the analysis results and the best remediation plans.
Shares security-related information through dynamic dashboards and reports.
How is VEEZO deployed?
VEEZO is a service deployed as a transparent bridge, physical or virtual, that intercepts communications identified as malicious.
How long does it take to deploy VEEZO and make it efficient at protecting our infrastructure?
Installation takes no more than a couple of minutes. It is literally plug and play :)
What does VEEZO do in case of an attack?
In case of an attack, VEEZO will drop all known malicious communication and inform the person in charge of IT. The report will also include recommendations to remedy the issue.
What are "Checkers", as explained by Veezo?
Checkers try to access passwords quickly and efficiently in order to gain access to IT applications with user rights. These checkers are available covertly for the very specific purpose of validating and accessing accounts.
Using credentials obtained from stolen databases, hackers can use Checkers to launch massive automated login attempts against websites and other available access pages, in order to verify that the credentials are valid and confirm the unauthorized access.
Checkers are automated tools (scripts or software) used by cybercriminals to verify stolen username and password combinations against the authentication system of a website, an application, an application programming interface (API), etc.
What are "Loaders", as explained by Veezo?
Loaders allow attackers to bypass antivirus software by hiding and delivering payloads. The term “payload” is used figuratively to designate the part of the executable code of a virus which is specifically intended to harm (as opposed to the code used by the virus to replicate).
Once hackers have identified a target, the next step is to introduce code, such as malware, onto the targeted device or system. Since these are generally protected by antivirus software, which can recognize, report or block the payload of the malicious application, criminals commonly use special tools such as Loaders and Crypters.
These tools evade detection by endpoint security tools, making it possible to download and run malicious code or other applications covertly. Loaders generally have limited capabilities.
The processes vary from one Loader to another:
- The most basic store the malicious application directly in the victim's file system, then run it as a new process.
- The most advanced keep the downloaded payload in memory and then run it through an injection technique, such as DLL injection.
By keeping the payload in memory, the Loader considerably reduces the chances that a security tool can detect the final malicious application.
What are "Bruteforcers", as explained by Veezo?
Cybercriminals use brute-forcers to gain automated access to information and user accounts. Brute-forcers are automated tools that attempt to crack passwords or usernames using a trial-and-error method. They can also be used to discover hidden pages and content, such as an application or a web page.
Brute-forcers allow cybercriminals to automate the reconnaissance phase of an attack and gain access to a valid account. Access will allow a hacker to gather all information, and more specifically additional personal information on the user, such as an address book, photos, numbers, and payment information. Reconnaissance is the first step used by cyber-attackers to gather information on their targets. Any information, even partial, obtained from data theft helps hackers who use brute-forcers to discover a password.
These types of attacks are made easier when victims re-use the same login information on multiple online sites and platforms. The main reasons for reusing a password are ease of memorization and a poor understanding of the risks involved.
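A defender-side view of the two login-abuse patterns described above (Checkers and Brute-forcers), added here as an example and not part of VEEZO or its documentation. The log format, the threshold, the function names and the addresses are constructed assumptions.

```python
from collections import defaultdict

def build_sample_log():
    """Constructed auth log: 'timestamp source_ip username result' (not real data)."""
    lines = []
    # One attempt per username from one source: the Checker pattern.
    for i, user in enumerate(["alice", "bob", "carol", "dave", "erin", "frank"]):
        result = "OK" if user == "carol" else "FAIL"  # one stolen pair is still valid
        lines.append(f"2024-01-01T10:00:{i:02d} 203.0.113.5 {user} {result}")
    # Many guesses against one account: the brute-forcer pattern.
    for i in range(8):
        lines.append(f"2024-01-01T10:01:{i:02d} 198.51.100.7 admin FAIL")
    # A legitimate user who mistyped a password once.
    lines.append("2024-01-01T10:02:00 192.0.2.10 grace FAIL")
    lines.append("2024-01-01T10:02:05 192.0.2.10 grace OK")
    return "\n".join(lines)

def classify_sources(log_text, min_failures=5):
    """Return {ip: (label, sorted accounts that logged in OK from that ip)}."""
    failures = defaultdict(lambda: defaultdict(int))  # ip -> username -> failures
    successes = defaultdict(set)                      # ip -> usernames with OK
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, ip, user, result = parts
        if result == "FAIL":
            failures[ip][user] += 1
        elif result == "OK":
            successes[ip].add(user)
    verdicts = {}
    for ip, per_user in failures.items():
        total, distinct = sum(per_user.values()), len(per_user)
        if total < min_failures:
            continue  # below the (assumed) threshold: ordinary typos
        if distinct >= min_failures and total / distinct <= 2:
            label = "checker"        # many usernames, one or two tries each
        elif max(per_user.values()) >= min_failures:
            label = "brute-forcer"   # repeated guesses against one account
        else:
            label = "suspicious"
        # Accounts that authenticated from a flagged source need a password reset.
        verdicts[ip] = (label, sorted(successes[ip]))
    return verdicts
```

Running `classify_sources(build_sample_log())` flags the two abusive sources, lists `carol` as an account to reset, and leaves the user with a single typo alone.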
What are "Crypters", as explained by Veezo?
Crypters are essential services for hackers involved in the spread of malware. Crypters are used to encrypt and hide malicious software payloads to avoid detection by security solutions such as antivirus software. Crypters can, among other things, compress executables, impersonate a legitimate program and evade sandbox analysis.
In order to assist any novice hacker who does not have the technical expertise to deploy their in-house developed malware, the developers of Crypters have developed simple, intuitive graphical interfaces for their tools. Through these configuration panels, any neophyte can select the desired options, such as the destination of the payload injection, the encryption methods, and the keys.
These customizable crypters are available as open source and are publicly accessible. There are even a variety of tutorials and practical guides detailing the different manipulations. Wondering how it works?
Well, it is very simple.
- The crypter encrypts the malicious payload in a chosen programming language
- The hacker distributes this small packet to victims via phishing or spamming
- The crypter decrypts and releases the malicious payload once it is executed after a mouse click or other user action.
What are "Stealers", as explained by Veezo?
Stealers gather information from victims' devices, such as personally identifiable information, payment details and other sensitive data. Stealers are also very popular tools among cybercriminals for sniffing victims' sensitive information.
They help to install malicious payloads on victims’ devices. The main objective, however, is to collect the login identifiers of online services, email clients and files used by the victims. The creators of Stealers provide not only the software, but also updates and premium customer support to guarantee the features of the spyware. Very attentive, isn’t it?
STEALERS AND CRYPTO-CURRENCY
Stealers are particularly effective at, and widely used for, stealing cryptocurrency wallets. The thefts generally take place when the account holder converts the virtual currency to “digital” currency.
What are "Keyloggers", as explained by Veezo?
A Keylogger is a kind of spyware that records the keystrokes typed on the keyboard. It runs silently in the background; one of the techniques is to save the keystrokes in a “log” file and send it to an e-mail address or to a remote server via FTP.
BUT HOW DOES IT WORK?
The first objective of the Keylogger is to start as soon as the operating system has booted. It then uses APIs to retrieve keyboard actions. Its primary objective is to record every keyboard event as soon as a key is pressed, and then send this information over the network.
But again, things have evolved significantly, and Keyloggers now go well beyond their initial role.
They have become application monitoring tools that can take screenshots, dynamically read the contents of the clipboard, copy Skype conversations, capture or block websites, run or delete other programs, etc.
What are "Injectors", as explained by Veezo?
This type of attack is commonly called “Man in the Browser”. Any banking Trojan can modify the content of a legitimate banking page in real time by performing API hooking. API hooking, in short, makes it possible to modify the behavior and flow of API calls, and to perform additional actions at specific times (a kind of .batch). The compromised content added to the page is defined in a web configuration file. This file is generally hosted on a remote Command and Control (CnC) server and then downloaded to the infected machine. The configuration file, encrypted and hidden to escape detection, can evolve quickly, and compromised devices automatically receive the configuration updates. Some web injections built into Trojans even allow the attacker to take full control of the compromised machine. In addition, some web injections can easily bypass two-factor authentication. The developers of bank injectors sell, on the dark marketplace, both ready-to-use injection tools and possible targets for injectors.
What is an "ExploitKit", as explained by Veezo?
An Exploit is a piece of software which can exploit a security weakness left accessible by a person or software. Exploit kits automate the exploitation of vulnerabilities in web browsers, operating systems, and other applications.
They are also used as a container for all types of malicious payloads, such as Trojans, Loaders, Ransomware, and other malware.
They can spread in the form of fake advertising, compromised files with active content, or malicious links sent via email.