Pages

25 June 2015

Newly Identified Spyware System Attacking Government and Military Computers in Southeast Asia

June 23, 2015

Cyber-Espionage Operation Attacking Governments in Southeast Asia Uncovered

Researchers from Palo Alto Networks recently spotted one cyber-espionage campaign which was attacking military and government agencies within Southeast Asia, published securityweek.com, June 16, 2015.

Researchers state they nicknamed the gang behind the campaign ‘Lotus Blossom,’ as well as that considering the targets it selected along with the persistency of its attacks, the campaign possibly is state-backed. The attack, which has been ongoing since 3-yrs, has over 50 separate attempts associated with it.

“Operation Lotus Blossom” tries to steal national data from the Philippines, Indonesia, Hong Kong, Taiwan and Vietnam.

A 42-unit team of Palo Alto reports that the gang employs spear phishing assaults for contaminating its targets, usually delivering one malevolent office file as well as decoy file having material that would interest the victim or relate to his occupation. Securityweek.com published this.

Moreover, the team states the attachment in spear phishing message characteristically contains an attack code which exploits CVE-2012-0158 a widely-recognized vulnerability in Microsoft Office that’s utilized for loading a Trojan onto the victim’s computer followed with exhibiting the decoy in a way that the victim would mistakenly think he opened the file rightly.

Facilitating backdoor access, the Trojan is nicknamed Elise taken from a sports-car’s name that UK’s Group Lotus PLC designed. The malware seems unique that has morphed progressively.

Besides, it isn’t really refined while depends on a well-known vulnerability, explains Palo Alto.

According to Intelligence Director Ryan Olson of Unit 42, Palo Alto Networks, the Trojan along with attack codes utilized within Operation Lotus Blossom are not advanced items compared to modern standards; however, the same assaults can prove harmful incase they prove effective while yield attackers admission into crucial data. As vulnerabilities of the old order continue to be utilized it indicates how important it’s for organizations to imbibe an attack-prevention attitude while adopt measures for enhancing cyber-cleanliness so that cyber-criminals can no longer keep employing legacy methodologies that continue to work effectively, Olson reasons. Prnewswire.com reported this, June 16, 2015.

Governments and businesses face state-backed cyber attacks as a major problem, with plentiful sophisticated hacks making news stories, like one prominent data-hack that impacted workers of US government.

No comments:

Post a Comment