In early 2017, Kaspersky Lab researchers noted increased activity by an APT called Spring Dragon (also known as LotusBlossom). The attacks involved new and evolved tools and techniques and targeted countries around the South China Sea. Kaspersky Lab’s experts have published their analysis of the attackers’ toolset over time in order to help organizations better understand the nature of the threat and protect themselves.

 

Spring Dragon is a long-running threat actor that has been targeting high profile political, governmental and education organisations in Asia since 2012. Kaspersky Lab has been tracking the APT for the last few years.

 

In early 2017, Kaspersky Lab identified renewed attacks in the threat actor’s favoured South China Sea region. According to Kaspersky Lab telemetry, Taiwan had the largest number of attacks followed by Indonesia, Vietnam, the Philippines, Macau, Malaysia, Hong Kong and Thailand. To help organizations better understand and protect against the threat, Kaspersky Lab’s researchers have undertaken a detailed review of 600 Spring Dragon malware samples.

 

Kaspersky Lab’s overview of Spring Dragon’s tools shows that:

●The attackers’ toolset includes a unique customised set of links to command and control servers for each malware: the malware samples contained more than 200 unique IP addresses overall.

●This toolset was accompanied by customised installation data for each attack to make detection difficult.

●The arsenal includes various backdoor modules with different characteristics and functionalities – although they all have the capability to download additional files to the victim’s machine, upload files to its servers and execute any executable file or command on the victim’s machine. This allows the attackers to undertake a number of malicious activities on the victim’s machine – particularly cyberespionage.

●The malware compilation timestamps suggest a time zone of GMT +8 – although the experts warn that does not represent a reliable indicator of attribution.

 

“Organisations and businesses need to step up and manage risk on reputation and service guarantees. The average loss from a single targeted attack is close to $1,000,000 excluding reputational impact. In the event of cyberattack, a considerable investment is made for urgent response to improve software and infrastructure. The reverse needs to take place. We must not wait for attacks to happen for us to take precaution,” says Anastasia Para Rae, General Manager at Kaspersky Lab ANZ.

 

“We believe that Spring Dragon is going to continue resurfacing regularly in the Asian region and it’s important to be familiar with its tools and techniques. We encourage individuals and businesses to have good Yara rules and other detection mechanisms in place and strongly recommended they use – and regularly audit – a multi layered approach to security,” adds Noushin Shabab, GReAT Senior Security Researcher at Kaspersky Lab.

 

In order to protect your personal or business data from cyberattacks, Kaspersky Lab advise the following:

●Implement an advanced, multi-layered security solution that covers all networks, systems and endpoints.

●Educate and train your personnel on social engineering as this method is often used to make a victim open a malicious document or click on an infected link.

●Conduct regular security assessments of the organisations IT infrastructure.

 

Use Kaspersky’s Threat Intelligence that tracks cyberattacks, incident or threats and provides customers with up-to-date relevant information that they are unaware of. Find out more at intelreports@kaspersky.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
HyperX Reveals Licensed Headset for PlayStation®4 at ESGS for the First Time in Philippines
Techworld Date Posted: 26 October 2018 4:15 PM | 187 Views
HyperX, the gaming division of Kingston Technology, joins ESGS at the SMX Convention Center, Pasay City in Philippines from October 26th to 28th.. See More
 
HyperX Reveals Licensed Headset for PlayStation®4 at ESGS for the First Time in Philippines
Techworld Date Posted: 4:15 PM | 187 Views
HyperX, the gaming division of Kingston Technology, joins ESGS at the SMX Convention Center, Pasay City in Philippines from October 26th to 28th.See More

 
Philips Monitors in Collaboration with 20th Century Fox Will Rock Local Cinemas with the Most Anticipated Rock Band Story Ever Told
Techworld Date Posted: 5 November 2018 9:16 AM | 139 Views
Philips monitors and display solutions are very known in the world as one of the highest performing innovative monitors for both productivity and gaming.. See More
 
Philips Monitors in Collaboration with 20th Century Fox Will Rock Local Cinemas with the Most Anticipated Rock Band Story Ever Told
Techworld Date Posted: 9:16 AM | 139 Views
Philips monitors and display solutions are very known in the world as one of the highest performing innovative monitors for both productivity and gaming.See More

 
UBTECH Robotics Introduces STEM-Friendly Jimu Robots for Kids and Teens in the Philippines
Techworld Date Posted: 28 September 2017 4:26 PM | 414 Views
UBTECH Robotics, the company best known globally as the industry leader in artificial intelligence and humanoid robotics today introduced a new line of STEM-friendly Jimu Robots for kids and teens in the Philippines. UBTECH's Jimu.... See More
 
UBTECH Robotics Introduces STEM-Friendly Jimu Robots for Kids and Teens in the Philippines
Techworld Date Posted: 4:26 PM | 414 Views
UBTECH Robotics, the company best known globally as the industry leader in artificial intelligence and humanoid robotics today introduced a new line of STEM-friendly Jimu Robots for kids and teens in the Philippines. UBTECH's Jimu...See More

 
Nokia 8: Three Firsts in One Precision Ddesigned Flagship
Techworld Date Posted: 17 August 2017 11:37 AM | 275 Views
HMD Global, the home of Nokia phones, today announced the Nokia 8, a high performance, beautifully crafted smartphone, designed with content creators in mind. The Nokia 8 brings three world-firsts to Android smartphones, including.... See More
 
Nokia 8: Three Firsts in One Precision Ddesigned Flagship
Techworld Date Posted: 11:37 AM | 275 Views
HMD Global, the home of Nokia phones, today announced the Nokia 8, a high performance, beautifully crafted smartphone, designed with content creators in mind. The Nokia 8 brings three world-firsts to Android smartphones, including...See More

 
Free YouTube Now Also Available to All Smart, Sun Postpaid Customers
Techworld Date Posted: 2 June 2018 10:16 AM | 327 Views
You can now enjoy watching more videos on the go as PLDT wireless arm Smart Communications, Inc. (Smart) is now also giving all postpaid customers up to one hour of free access to YouTube.... See More
 
Free YouTube Now Also Available to All Smart, Sun Postpaid Customers
Techworld Date Posted: 10:16 AM | 327 Views
You can now enjoy watching more videos on the go as PLDT wireless arm Smart Communications, Inc. (Smart) is now also giving all postpaid customers up to one hour of free access to YouTube...See More

 
Kaspersky Lab Unmasks the History of Cyber Espionage in the APAC region
Techworld Date Posted: 18 October 2017 11:55 AM | 293 Views
Kaspersky Lab's Director of Global Research and Analysis Team (GReAT) in Asia Pacific, Vitaly Kamluk opens his discussion on cyberespionage with the legend of Rothschilds to emphasize the power of information. Equipped with detailed histories.... See More
 
Kaspersky Lab Unmasks the History of Cyber Espionage in the APAC region
Techworld Date Posted: 11:55 AM | 293 Views
Kaspersky Lab's Director of Global Research and Analysis Team (GReAT) in Asia Pacific, Vitaly Kamluk opens his discussion on cyberespionage with the legend of Rothschilds to emphasize the power of information. Equipped with detailed histories...See More

 
Lenovo’s CES 2019 Products Are Built to Unlock Your Potential
Techworld Date Posted: 10 January 2019 1:42 PM | 325 Views
Fresh from CES 2019, Lenovo announced a new group of intelligent devices from across its portfolio – products designed to transform and improve the way people live, work, and play.. See More
 
Lenovo’s CES 2019 Products Are Built to Unlock Your Potential
Techworld Date Posted: 1:42 PM | 325 Views
Fresh from CES 2019, Lenovo announced a new group of intelligent devices from across its portfolio – products designed to transform and improve the way people live, work, and play.See More

 
Must-Have Christmas Bundles on Your Shopping List
Techworld Date Posted: 14 December 2018 4:45 PM | 117 Views
Everyone’s favourite holiday is a few carols away. To help everyone check off items on their holiday shopping lists, HMD Global, the home of Nokia phones, offers timely and reliable gift ideas that will.... See More
 
Must-Have Christmas Bundles on Your Shopping List
Techworld Date Posted: 4:45 PM | 117 Views
Everyone’s favourite holiday is a few carols away. To help everyone check off items on their holiday shopping lists, HMD Global, the home of Nokia phones, offers timely and reliable gift ideas that will...See More

 
Over One Third of All Phishing Attacks Target Financial Sector Customers in Second Quarter of 2018
Techworld Date Posted: 22 August 2018 1:42 PM | 357 Views
In the second quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented over 107 million attempts to visit phishing pages, of which 35.7% were related to financial services and targeting customers through fake banking or.... See More
 
Over One Third of All Phishing Attacks Target Financial Sector Customers in Second Quarter of 2018
Techworld Date Posted: 1:42 PM | 357 Views
In the second quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented over 107 million attempts to visit phishing pages, of which 35.7% were related to financial services and targeting customers through fake banking or...See More

 
Spy Spotting – What Careless Mistakes Reveal about Cyberespionage in APAC
Techworld Date Posted: 24 October 2017 10:22 AM | 351 Views
Kaspersky Lab’s Senior Security Researcher Noushin Shabab looks back at major cyberespionage cases that hit the Asia Pacific region to reveal the mistakes committed by cybercriminals that help researchers unmask their identity.   Errors.... See More
 
Spy Spotting – What Careless Mistakes Reveal about Cyberespionage in APAC
Techworld Date Posted: 10:22 AM | 351 Views
Kaspersky Lab’s Senior Security Researcher Noushin Shabab looks back at major cyberespionage cases that hit the Asia Pacific region to reveal the mistakes committed by cybercriminals that help researchers unmask their identity.   Errors...See More


Power by

Download Free AZ | Free Wordpress Themes