In early 2017, Kaspersky Lab researchers noted increased activity by an APT called Spring Dragon (also known as LotusBlossom). The attacks involved new and evolved tools and techniques and targeted countries around the South China Sea. Kaspersky Lab’s experts have published their analysis of the attackers’ toolset over time in order to help organizations better understand the nature of the threat and protect themselves.

 

Spring Dragon is a long-running threat actor that has been targeting high profile political, governmental and education organisations in Asia since 2012. Kaspersky Lab has been tracking the APT for the last few years.

 

In early 2017, Kaspersky Lab identified renewed attacks in the threat actor’s favoured South China Sea region. According to Kaspersky Lab telemetry, Taiwan had the largest number of attacks followed by Indonesia, Vietnam, the Philippines, Macau, Malaysia, Hong Kong and Thailand. To help organizations better understand and protect against the threat, Kaspersky Lab’s researchers have undertaken a detailed review of 600 Spring Dragon malware samples.

 

Kaspersky Lab’s overview of Spring Dragon’s tools shows that:

● The attackers’ toolset includes a unique, customised set of links to command and control servers for each malware sample: the malware samples contained more than 200 unique IP addresses overall.

● This toolset was accompanied by customised installation data for each attack to make detection difficult.

● The arsenal includes various backdoor modules with different characteristics and functionalities – although they all have the capability to download additional files to the victim’s machine, upload files to its servers and execute any executable file or command on the victim’s machine. This allows the attackers to undertake a number of malicious activities on the victim’s machine – particularly cyberespionage.

● The malware compilation timestamps suggest a time zone of GMT +8 – although the experts warn that this does not represent a reliable indicator of attribution.

 

“Organisations and businesses need to step up and manage risk on reputation and service guarantees. The average loss from a single targeted attack is close to $1,000,000 excluding reputational impact. In the event of a cyberattack, a considerable investment is made for urgent response to improve software and infrastructure. The reverse needs to take place. We must not wait for attacks to happen for us to take precaution,” says Anastasia Para Rae, General Manager at Kaspersky Lab ANZ.

 

“We believe that Spring Dragon is going to continue resurfacing regularly in the Asian region and it’s important to be familiar with its tools and techniques. We encourage individuals and businesses to have good Yara rules and other detection mechanisms in place and strongly recommend they use – and regularly audit – a multi-layered approach to security,” adds Noushin Shabab, GReAT Senior Security Researcher at Kaspersky Lab.

 

In order to protect your personal or business data from cyberattacks, Kaspersky Lab advises the following:

● Implement an advanced, multi-layered security solution that covers all networks, systems and endpoints.

● Educate and train your personnel on social engineering, as this method is often used to make a victim open a malicious document or click on an infected link.

● Conduct regular security assessments of the organisation’s IT infrastructure.

 

Use Kaspersky’s Threat Intelligence, which tracks cyberattacks, incidents or threats and provides customers with up-to-date, relevant information that they are unaware of. Find out more at intelreports@kaspersky.com.

