During the first three months of the year, Kaspersky Lab researchers discovered a wave of new APT activity based mainly in Asia – more than 30% of Q1 reports were dedicated to threat operations in this region. A peak of activity was also observed in the Middle East with a number of new techniques used by actors. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the first quarter of 2018, Kaspersky Lab researchers continued to detect cyber activities by advanced persistent threat (APT) groups speaking languages including Russian, Chinese, English and Korean, among others. And while some well-known actors didn’t show any noteworthy activity, a rising number of APT operations and new threat actors were detected in the Asian region. This rise is explained in part by the Olympic Destroyer malware attack on the Pyeongchang Olympic Games.

 

Highlights in Q1, 2018 include:

  • Continuous rise of Chinese-speaking activity, including the ShaggyPanther cluster of activity targeting government entities mainly in Taiwan and Malaysia, and CardinalLizard, which in 2018 increased its interest in Malaysia alongside an existing focus on the Philippines, Russia, and Mongolia.
  • Recorded APT activity in South Asia. Pakistan military entities have been under attack from the newly discovered Sidewinder group.
  • IronHusky APT apparently stops targeting Russian military actors and transfers all its efforts to Mongolia. At the end of January 2018, this Chinese-speaking actor launched an attack campaign on Mongolian government organizations before their meeting with the International Monetary Fund (IMF).
  • Korean peninsula remains in focus. The Kimsuky APT, targeting South Korean think tanks and political activities, has renewed its arsenal with a completely new framework designed for cyberespionage and used in a spear-phishing campaign. Furthermore, a subset of the infamous Lazarus group, Bluenoroff, has shifted to new targets including cryptocurrency companies and Point of Sales (PoS).

 

Kaspersky Lab also detected a peak of threat activity in the Middle East. For example, the StrongPity APT launched a number of new Man-in-the-Middle (MiTM) attacks on internet service provider (ISP) networks. Another highly skilled cybercriminal group, the Desert Falcons, returned to target Android devices with malware previously used in 2014.

 

Also, in Q1, Kaspersky Lab researchers discovered several groups routinely targeting routers and networking hardware in their campaigns, an approach adopted years ago by actors such as Regin and CloudAtlas. According to experts, routers will continue to be a target for attackers as a way of getting a foothold in a victim’s infrastructure.

 

“During the first three months of the year we saw a number of new threat groups of different levels of sophistication, but which, overall, were using the most common and available malware tools. At the same time, we observed no significant activity from some well-known actors. This leads us to believe that they are rethinking their strategies and reorganizing their teams for future attacks,” said Vicente Diaz, Principal Security Researcher at Kaspersky Lab GReAT team.

 

The newly published Q1 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports. During the first quarter of 2018, Kaspersky Lab’s Global Research and Analysis Team created 27 private reports for subscribers, with Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting.

 

For more information, please contact: intelreports@kaspersky.com

