Additional layers of obfuscation and misdirection led Cylance researchers to dub the group the White Company. The new APT's malware goes to extraordinary lengths to evade detection and includes the ability to detect and hide from eight different antivirus products, including Sophos, Kaspersky, AVG and BitDefender. The new APT group takes the cat-and-mouse game between attackers and defenders to a new level, and blue teams around the world should pay attention to the tactics used here, Cylance researchers say.

While hesitant to attribute to any particular nation, researchers told CSO the new APT is likely Middle Eastern, but its tactics, techniques and procedures (TTPs) are indicative of US-trained intelligence operatives, raising the possibility that ex-US intel folks have turned mercenary and are building a new APT group for a Middle Eastern nation. This heralds the advent of a major new nation-state player in the cyber domain, speculate Cylance researchers, who rule out all the usual suspects - Five Eyes, Israel, India, China, Russia, and North Korea.

The Belgian locksmith was just a pawn in a global game of cyberespionage fought by a new nation-state hacking group, and while the target in this operation was Pakistan - both nuclear-armed and a haven for terrorists in the region - the incredibly sophisticated layers of misdirection used by the malware to mislead and delay forensics analysis worries security researchers, who say these attack tools could be deployed against anyone else in the world at any time.

The locksmith probably never knew his website had been taken over by a nation-state hacking group as a command-and-control server, nor that exploit-laden Microsoft Word documents crafted to spear-phish Pakistani Air Force officers were hosted there for more than six months.

When a Belgian locksmith attacked the Pakistani Air Force, researchers at Cylance sat up and took notice.