In early 2017, Kaspersky Lab researchers noted increased activity by an APT called Spring Dragon (also known as LotusBlossom). The attacks involved new and evolved tools and techniques and targeted countries around the South China Sea. Kaspersky Lab’s experts have published their analysis of the attackers’ toolset over time in order to help organizations better understand the nature of the threat and protect themselves.

 

Spring Dragon is a long-running threat actor that has been targeting high profile political, governmental and education organisations in Asia since 2012. Kaspersky Lab has been tracking the APT for the last few years.

 

In early 2017, Kaspersky Lab identified renewed attacks in the threat actor’s favoured South China Sea region. According to Kaspersky Lab telemetry, Taiwan had the largest number of attacks followed by Indonesia, Vietnam, the Philippines, Macau, Malaysia, Hong Kong and Thailand. To help organizations better understand and protect against the threat, Kaspersky Lab’s researchers have undertaken a detailed review of 600 Spring Dragon malware samples.

 

Kaspersky Lab’s overview of Spring Dragon’s tools shows that:

●The attackers’ toolset includes a unique customised set of links to command and control servers for each malware: the malware samples contained more than 200 unique IP addresses overall.

●This toolset was accompanied by customised installation data for each attack to make detection difficult.

●The arsenal includes various backdoor modules with different characteristics and functionalities – although they all have the capability to download additional files to the victim’s machine, upload files to its servers and execute any executable file or command on the victim’s machine. This allows the attackers to undertake a number of malicious activities on the victim’s machine – particularly cyberespionage.

●The malware compilation timestamps suggest a time zone of GMT +8 – although the experts warn that does not represent a reliable indicator of attribution.

 

“Organisations and businesses need to step up and manage risk on reputation and service guarantees. The average loss from a single targeted attack is close to $1,000,000 excluding reputational impact. In the event of cyberattack, a considerable investment is made for urgent response to improve software and infrastructure. The reverse needs to take place. We must not wait for attacks to happen for us to take precaution,” says Anastasia Para Rae, General Manager at Kaspersky Lab ANZ.

 

“We believe that Spring Dragon is going to continue resurfacing regularly in the Asian region and it’s important to be familiar with its tools and techniques. We encourage individuals and businesses to have good Yara rules and other detection mechanisms in place and strongly recommended they use – and regularly audit – a multi layered approach to security,” adds Noushin Shabab, GReAT Senior Security Researcher at Kaspersky Lab.

 

In order to protect your personal or business data from cyberattacks, Kaspersky Lab advise the following:

●Implement an advanced, multi-layered security solution that covers all networks, systems and endpoints.

●Educate and train your personnel on social engineering as this method is often used to make a victim open a malicious document or click on an infected link.

●Conduct regular security assessments of the organisations IT infrastructure.

 

Use Kaspersky’s Threat Intelligence that tracks cyberattacks, incident or threats and provides customers with up-to-date relevant information that they are unaware of. Find out more at intelreports@kaspersky.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
Artificial Intelligence and Machine Learning Are Changing the Way We Do Business
Techworld Date Posted: 28 November 2017 10:29 AM | 301 Views
Today, every organisation needs to reimagine its business model. Customers expect business to meet them anywhere, any time, on any device. To meet this speed of response, businesses need to be ahead of the.... See More
 
Artificial Intelligence and Machine Learning Are Changing the Way We Do Business
Techworld Date Posted: 10:29 AM | 301 Views
Today, every organisation needs to reimagine its business model. Customers expect business to meet them anywhere, any time, on any device. To meet this speed of response, businesses need to be ahead of the...See More

 
ASUS Announces Cutting-Edge AiMesh Whole-Home Wi-Fi for ASUS Routers
Techworld Date Posted: 5 January 2018 10:51 AM | 258 Views
ASUS today announced AiMesh, an innovative and breakthrough feature upgrade for ASUS routers that allows users to easily create a flexible and powerful whole-home Wi-Fi system using any compatible ASUS models.. See More
 
ASUS Announces Cutting-Edge AiMesh Whole-Home Wi-Fi for ASUS Routers
Techworld Date Posted: 10:51 AM | 258 Views
ASUS today announced AiMesh, an innovative and breakthrough feature upgrade for ASUS routers that allows users to easily create a flexible and powerful whole-home Wi-Fi system using any compatible ASUS models.See More

 
Experience the OPPO “Capture the Real You” Roadshow in SM Megamall Fashion Hall
Techworld Date Posted: 26 April 2018 5:04 PM | 328 Views
After the successful Philippine launch of the OPPO F7, the Selfie Expert brand’s latest flagship smartphone, OPPO has shown its commitment to bring the F7 closer to as many Filipinos as possible with its.... See More
 
Experience the OPPO “Capture the Real You” Roadshow in SM Megamall Fashion Hall
Techworld Date Posted: 5:04 PM | 328 Views
After the successful Philippine launch of the OPPO F7, the Selfie Expert brand’s latest flagship smartphone, OPPO has shown its commitment to bring the F7 closer to as many Filipinos as possible with its...See More

 
OYO Hotels Launches Operations in the Philippines; To Invest Upwards of $50 Million
Techworld Date Posted: 7 February 2019 8:59 AM | 90 Views
Technology and tourism, when converged effectively, open a myriad of opportunities. OYO, South Asia’s largest, and the world’s fastest-growing chain of hotels, homes and spaces, proves this as it lands in the Philippines.. See More
 
OYO Hotels Launches Operations in the Philippines; To Invest Upwards of $50 Million
Techworld Date Posted: 8:59 AM | 90 Views
Technology and tourism, when converged effectively, open a myriad of opportunities. OYO, South Asia’s largest, and the world’s fastest-growing chain of hotels, homes and spaces, proves this as it lands in the Philippines.See More

 
Epson, DENR-EMB, and GREENducation PH Launch 1st EcoVision Short Film Competition for Students
Techworld Date Posted: 4 January 2019 1:09 PM | 109 Views
Epson, in partnership with the Department of Environment and Natural Resources – Environmental Management Bureau (DENR-EMB) and GREENducation Philippines, has announced the launch of its 1st EcoVision Short Film Competition for students. . See More
 
Epson, DENR-EMB, and GREENducation PH Launch 1st EcoVision Short Film Competition for Students
Techworld Date Posted: 1:09 PM | 109 Views
Epson, in partnership with the Department of Environment and Natural Resources – Environmental Management Bureau (DENR-EMB) and GREENducation Philippines, has announced the launch of its 1st EcoVision Short Film Competition for students. See More

 
Sony’s Xperia XZ Premium Gets Android 8.0 Oreo Upgrade
Techworld Date Posted: 4 December 2017 4:42 PM | 404 Views
Sony’s Xperia XZ Premium is getting an OS upgrade. The Android 8.0 Oreo update is now available for Sony’s flagship smartphone but it also goes beyond the usual as it brings with it cool.... See More
 
Sony’s Xperia XZ Premium Gets Android 8.0 Oreo Upgrade
Techworld Date Posted: 4:42 PM | 404 Views
Sony’s Xperia XZ Premium is getting an OS upgrade. The Android 8.0 Oreo update is now available for Sony’s flagship smartphone but it also goes beyond the usual as it brings with it cool...See More

 
Your Digital Identity Could Be on Sale for Less than $50 – New Dark Web Research from Kaspersky Lab Shows
Techworld Date Posted: 6 November 2018 4:29 PM | 129 Views
While many of us have heard of, or even fallen victim to, cybercrimes such as data and identity theft, it seems that relatively few know the value of the information stolen from us.. See More
 
Your Digital Identity Could Be on Sale for Less than $50 – New Dark Web Research from Kaspersky Lab Shows
Techworld Date Posted: 4:29 PM | 129 Views
While many of us have heard of, or even fallen victim to, cybercrimes such as data and identity theft, it seems that relatively few know the value of the information stolen from us.See More

 
Lenovo™ Sees Intelligence Transforming Everything at MWC 2018, From Devices to Data Center
Techworld Date Posted: 27 February 2018 4:51 PM | 1273 Views
Today, at MWC 2018, Lenovo reinforced its 2018 vision for technology innovations, moving its core strategy to Augmented Intelligence.. See More
 
Lenovo™ Sees Intelligence Transforming Everything at MWC 2018, From Devices to Data Center
Techworld Date Posted: 4:51 PM | 1273 Views
Today, at MWC 2018, Lenovo reinforced its 2018 vision for technology innovations, moving its core strategy to Augmented Intelligence.See More

 
Globe Telecom Signs Multi-Year Intelligent Operations Deal with Amdocs for Continuous Enhancement of Services and Operations
Techworld Date Posted: 1 March 2018 2:38 PM | 487 Views
Amdocs, (NASDAQ: DOX), a leading provider of software and services to communications and media companies, today announced that it has signed a multi-year services contract with Globe Telecom, one of the Philippines’ largest telecommunications.... See More
 
Globe Telecom Signs Multi-Year Intelligent Operations Deal with Amdocs for Continuous Enhancement of Services and Operations
Techworld Date Posted: 2:38 PM | 487 Views
Amdocs, (NASDAQ: DOX), a leading provider of software and services to communications and media companies, today announced that it has signed a multi-year services contract with Globe Telecom, one of the Philippines’ largest telecommunications...See More

 
Lenovo’s Gift Guide for the Holiday Season
Techworld Date Posted: 22 December 2018 2:56 PM | 131 Views
Looking for the perfect gadgets for yourself or to give away to your families and friends this Christmas? Lenovo, the world’s leading PC and smart devices developer has compiled the best tech gifts that.... See More
 
Lenovo’s Gift Guide for the Holiday Season
Techworld Date Posted: 2:56 PM | 131 Views
Looking for the perfect gadgets for yourself or to give away to your families and friends this Christmas? Lenovo, the world’s leading PC and smart devices developer has compiled the best tech gifts that...See More


Power by

Download Free AZ | Free Wordpress Themes