14 matches found
Threat Round Up for Nov 10 - Nov 17
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between November 10 and November 17. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior...
DNC Hacked, Research on Trump Stolen
Two separate APT groups believed to have ties to the Russian government have been fingered in attacks against the Democratic National Committee resulting in the theft of research done by the DNC on presumptive Republican nominee Donald Trump. Researchers at Crowdstrike, called in to investigate b...
New Hammertoss Espionage Tool Tied to MiniDuke Gang
The espionage gang behind the MiniDuke backdoor uncovered by Kaspersky Lab and CrySys Lab in 2013 has surfaced again with a new backdoor and attack platform that is used sparingly against only high-value targets. The new data theft tool, called Hammertoss, is a study not only in espionage...
White House, State Department Counted Among CozyDuke APT Victims
A data-mining advanced persistent threat hit a handful of high profile targets last year, including the White House’s computer network. Dubbed CozyDuke, the APT’s toolset shares several similarities with fellow APTs MiniDuke, CosmicDuke and OnionDuke. Kurt Baumgartner and Costin Raiu, researchers...
OnionDuke APT Malware served through Tor Network
The malicious Russian Tor exit node, which was claimed to be patching binary files, is actually distributing a malware program to launch cyber-espionage attacks against European government agencies. The group behind the rogue Tor exit node had likely been infecting files for more than a year,...
Russian APT28 Group Linked to NATO, Political Attacks
A Russian APT group tied to ongoing attacks against military and political targets in Eastern Europe and against NATO could also have ties to the MiniDuke espionage campaign uncovered more than a year ago. Dubbed APT28 by FireEye in a report published last night, the Russian hackers have targeted...
Miniduke APT Campaigh Returns with New Targets, Hacking Tools
The Miniduke advanced persistent threat APT campaign uncovered by researchers at Kaspersky Lab and CrySys Lab in February 2013 is back after a year-long hiatus in which attacks abated almost entirely. While the initial Miniduke operations primarily targeted government organizations in Europe, thi...
MiniDuke Malware spreads via Fake Ukraine-related Documents
A year back, Security Researchers from the Antivirus firm Kaspersky found a sophisticated piece of malware which they dubbed as ‘MiniDuke’, designed specifically to collect and steal strategic insights and highly protected political information, which is a subject to states’ security. Now, once...
New Attacks Leverage Adobe Sandbox Bypass Against Uyghur Activists
Attackers with a control infrastructure based in China are leveraging the same vulnerability exploited by Miniduke to attack Uyghur and Tibetan activists with new exploits. Researchers at Kaspersky Lab and AlienVault discovered a spear phishing campaign targeting non-governmental activists with P...
New Web-Based MiniDuke Components Discovered
Researchers at Kaspersky Lab and CrySys Lab have discovered files buried inside a MiniDuke command and control server that indicate the presence of a Web-based facet of the campaign that initially targeted government agencies, primarily in Europe. Users are likely lured to the malicious webpages...
MiniDuke Espionage Campaign Began About a Year Earlier Than First Thought
Researchers have found an earlier version of the MiniDuke espionage malware that dates to June 2011 – almost a year ahead of the previously oldest variant designed to spy on NATO, European governments and U.S. research and think tanks. Unlike the cyberspyware discovered last week, this one embedd...
Old School Hackers spying on European governments
Kaspersky Lab's team of experts recently published a new research report that analyzed that Cyber criminals have targeted government officials in more than 20 countries, including Ireland and Romania with a new piece of malware called 'MiniDuke'. In a recent attack, malware has infected governmen...
Old School Hackers spying on European governments
Kaspersky Lab's team of experts recently published a new research report that analyzed that Cyber criminals have targeted government officials in more than 20 countries, including Ireland and Romania with a new piece of malware called 'MiniDuke'. In a recent attack, malware has infected governmen...
Costin Raiu on the Intricacies of the miniDuke Malware Campaign
With Dennis Fisher out of pocket at the RSA Conference in San Francisco, Ryan Naraine hijacks the Digital Underground podcast and gets on the phone with Kaspersky Lab research guru Costin Raiu to talk about the intricacies of the miniDuke malware campaign. Download: digitalunderground113 Subscrib...