Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Cyber espionage campaign targets energy companies

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 24 Sep 2012 03:28:50 -0500 (CDT)
http://www.computerworld.com/s/article/9231596/Cyber_espionage_campaign_targets_energy_companies

By Jaikumar Vijayan
Computerworld
September 21, 2012
Hackers using a Remote Access Trojan (RAT) named Mirage have been engaged in a systematic cyber espionage campaign against a Canadian energy company, a large oil firm in the Philippines and several other entities since at least this April, Dell's SecureWorks Counter Threat Unit says.
The campaign is the second one targeted at oil companies to be discovered by SecureWorks this year. In February, researchers at the firm discovered attackers using remote access tools similar to Mirage to target several oil companies in Vietnam. That campaign also targeted government agencies in several countries, an embassy, a nuclear safety agency and multiple business groups, according to SecureWorks.
The domains for three of the command and control (C&C) servers used to control Mirage and for several of the C&C servers used in the February campaign, appear to belong to the same individual or group of individuals, SecureWorks said.
Also noteworthy is the fact that the IP addresses for the command and control servers used for Mirage and in the February campaign belong to China's Beijing Province Network. The same network was also implicated in last year's attacks on security vendor RSA that resulted in the theft of confidential information related to the company's SecurID two-factor authentication technology. 

[...]


--
ExpandingSecurity.com Live OnLine classes won&#8217;t wreck your schedule.
Get that cert and be done before 2012 ends. Last ISSAP 2012 class starts
Sept. 25th. Last 2012 CISSP and CEH starts Oct. 1:
CEH info signup: http://www.expandingsecurity.com/product/ceh-certified-ethical-hacker-online/
CISSP info signup: http://www.expandingsecurity.com/product/cissp-live-online-10-week-course/
ISSAP info signup: http://www.expandingsecurity.com/product/issap-information-systems-security-architecture-professional/
Previous By Date Next
Previous By Thread Next

Current thread: