Information Security News mailing list archives

Icefog hit-and-run hackers uncovered in Asia


From: InfoSec News <alerts () infosecnews org>
Date: Thu, 26 Sep 2013 07:31:45 +0000 (UTC)

http://www.theregister.co.uk/2013/09/26/icefog_hit_and_run_apt_japan_south_korea/

By Phil Muncaster
The Register
26th September 2013

Kaspersky Lab has uncovered a new APT campaign aimed at pilfering secrets from governments and supply chain industrial, military, media and technology companies in Japan and South Korea.

Icefog features many of the key attributes of targeted attacks, including the spear phishing email lure to gain a foothold in the victim’s network; the use of malware which exploits known vulnerabilities; and the nabbing of email credentials and system passwords to move laterally inside the organisation.

However, where Icefog differs is that attacks are more laser-focused and shorter-lived than typical APTs, according to Kaspersky Lab.

The vendor had the following in its report:

  Perhaps one of the most important aspects of the Icefog C&Cs is the “hit
  and run” nature. The attackers would set up a C&C, create a malware
  sample that uses it, attack the victim, infect it, and communicate with
  the victim machine before moving on. The shared hosting would expire in
  a month or two and the C&C disappears.

[...]
