During the first three months of the year, Kaspersky Lab researchers discovered a wave of new APT activity based mainly in Asia – more than 30% of Q1 reports were dedicated to threat operations in this region. A peak of activity was also observed in the Middle East with a number of new techniques used by actors. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the first quarter of 2018, Kaspersky Lab researchers continued to detect cyber activities by advanced persistent threat (APT) groups speaking languages including Russian, Chinese, English and Korean, among others. And while some well-known actors didn’t show any noteworthy activity, a rising number of APT operations and new threat actors were detected in the Asian region. This rise is explained in part by the Olympic Destroyer malware attack on the Pyeongchang Olympic Games.

 

Highlights in Q1, 2018 include:

  • Continuous rise of Chinese-speaking activity, including the ShaggyPanther cluster of activity targeting government entities mainly in Taiwan and Malaysia, and CardinalLizard, which in 2018 increased its interest in Malaysia alongside an existing focus on the Philippines, Russia, and Mongolia.
  • Recorded APT activity in South Asia. Pakistan military entities have been under attack from the newly discovered Sidewinder group.
  • IronHusky APT apparently stops targeting Russian military actors and transfers all its efforts to Mongolia. At the end of January 2018, this Chinese-speaking actor launched an attack campaign on Mongolian government organizations before their meeting with the International Monetary Fund (IMF).
  • Korean peninsula remains in focus. The Kimsuky APT, targeting South Korean think tanks and political activities, has renewed its arsenal with a completely new framework designed for cyberespionage and used in a spear-phishing campaign. Furthermore, a subset of the infamous Lazarus group, Bluenoroff, has shifted to new targets including cryptocurrency companies and Point of Sales (PoS).

 

Kaspersky Lab also detected a peak of threat activity in the Middle East. For example, the StrongPity APT launched a number of new Man-in-the-Middle (MiTM) attacks on internet service provider (ISP) networks. Another highly skilled cybercriminal group, the Desert Falcons, returned to target Android devices with malware previously used in 2014.

 

Also, in Q1, Kaspersky Lab researchers discovered several groups routinely targeting routers and networking hardware in their campaigns, an approach adopted years ago by actors such as Regin and CloudAtlas. According to experts, routers will continue to be a target for attackers as a way of getting a foothold in a victim´s infrastructure.

 

During the first three months of the year we saw a number of new threat groups of different levels of sophistication, but which, overall, were using the most common and available malware tools. At the same time, we observed no significant activity from some well-known actors. This leads us to believe that they are rethinking their strategies and reorganizing their teams for future attacks.” said Vicente Diaz, Principal Security Researcher at Kaspersky Lab GReAT team.

 

The newly published Q1 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports. During the first quarter of 2018, Kaspersky Lab’s Global Research and Analysis Team created 27 private reports for subscribers, with Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting.

 

For more information, please contact: intelreports@kaspersky.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
Love Is Getting in the Way of Users’ Internet Security, Warns Kaspersky Lab
Techworld Date Posted: 23 March 2018 1:21 PM | 330 Views
If you’re in a relationship, ask yourself this question – are you the cyber-savvy one of the two? Or are you the one that’s always leaning on your partner for help when you have.... See More
 
Love Is Getting in the Way of Users’ Internet Security, Warns Kaspersky Lab
Techworld Date Posted: 1:21 PM | 330 Views
If you’re in a relationship, ask yourself this question – are you the cyber-savvy one of the two? Or are you the one that’s always leaning on your partner for help when you have...See More

 
CORSAIR and Lenovo Join Forces to Bring VENGEANCE LPX DDR4 to the Lenovo Legion™ Y920 Tower
Techworld Date Posted: 24 August 2017 10:44 AM | 253 Views
CORSAIR, a world leader in PC components, high-performance gaming hardware and enthusiast memory, today announced an exclusive OEM partnership with Lenovo to bring performance, overclockable memory to Lenovo's range of gaming PCs. Combining CORSAIR's.... See More
 
CORSAIR and Lenovo Join Forces to Bring VENGEANCE LPX DDR4 to the Lenovo Legion™ Y920 Tower
Techworld Date Posted: 10:44 AM | 253 Views
CORSAIR, a world leader in PC components, high-performance gaming hardware and enthusiast memory, today announced an exclusive OEM partnership with Lenovo to bring performance, overclockable memory to Lenovo's range of gaming PCs. Combining CORSAIR's...See More

 
Plextor M8PeG Spotted in MSI®’s New Gaming Desktop Aegis Ti3
Techworld Date Posted: 31 January 2017 3:35 PM | 550 Views
MSI® has updated its gaming desktop computer lineup at the recent CES 2017. See More
 
Plextor M8PeG Spotted in MSI®’s New Gaming Desktop Aegis Ti3
Techworld Date Posted: 3:35 PM | 550 Views
MSI® has updated its gaming desktop computer lineup at the recent CES 2017See More

 
Power Mac Center Boosts Customer Care with New Service Center Mobile App
Techworld Date Posted: 26 October 2017 1:25 PM | 358 Views
As part of its commitment to provide premium service every day, premier Apple reseller Power Mac Center is launching PMCService,. See More
 
Power Mac Center Boosts Customer Care with New Service Center Mobile App
Techworld Date Posted: 1:25 PM | 358 Views
As part of its commitment to provide premium service every day, premier Apple reseller Power Mac Center is launching PMCService,See More

 
AOC Takes the Lead in the Philippine Market Share throughout 2017
Techworld Date Posted: 31 July 2018 3:45 PM | 636 Views
The most recent report from the International Data Corporation (IDC), the world’s premiere global market intelligence firm, has confirmed that AOC under the Multi Media Display (MMD) group has retained its spot in Philippine.... See More
 
AOC Takes the Lead in the Philippine Market Share throughout 2017
Techworld Date Posted: 3:45 PM | 636 Views
The most recent report from the International Data Corporation (IDC), the world’s premiere global market intelligence firm, has confirmed that AOC under the Multi Media Display (MMD) group has retained its spot in Philippine...See More

 
Nokia Smartphones Serve First Slice of Android™ 9 Pie
Techworld Date Posted: 23 October 2018 10:42 AM | 126 Views
HMD Global, the home of Nokia phones, has announced that Android™ 9 is already available for the Nokia 6.1 Plus via Nokia phones beta labs. This follows the Nokia 7 Plus. See More
 
Nokia Smartphones Serve First Slice of Android™ 9 Pie
Techworld Date Posted: 10:42 AM | 126 Views
HMD Global, the home of Nokia phones, has announced that Android™ 9 is already available for the Nokia 6.1 Plus via Nokia phones beta labs. This follows the Nokia 7 PlusSee More

 
Playing an Integral Part of the Nation’s Modernization through Security, Fire and Safety
Techworld Date Posted: 7 August 2018 10:14 AM | 477 Views
The second edition of the Philippines’ leading security, fire and safety event, IFSEC Philippines took place on 29 May – 1 June 2018 at the SMX Convention Center. Attended by 3,879 visitors from around.... See More
 
Playing an Integral Part of the Nation’s Modernization through Security, Fire and Safety
Techworld Date Posted: 10:14 AM | 477 Views
The second edition of the Philippines’ leading security, fire and safety event, IFSEC Philippines took place on 29 May – 1 June 2018 at the SMX Convention Center. Attended by 3,879 visitors from around...See More

 
Nokia Gets into the Beat of the New Year
Techworld Date Posted: 9 January 2018 1:36 PM | 306 Views
Get into the Beat this new year with HMD Global, the home of Nokia phones. With any purchase of a Nokia Android smartphone, consumers will receive a free JBL GO Portable Bluetooth Speaker.. See More
 
Nokia Gets into the Beat of the New Year
Techworld Date Posted: 1:36 PM | 306 Views
Get into the Beat this new year with HMD Global, the home of Nokia phones. With any purchase of a Nokia Android smartphone, consumers will receive a free JBL GO Portable Bluetooth Speaker.See More

 
Get Lucky with MSI Gaming PH’s Treasure Hunt Promo Starting This January
Techworld Date Posted: 24 January 2018 4:49 PM | 388 Views
MSI, one of the leading gaming laptop brands, announces their “Treasure Hunt” promo in celebration with the upcoming Chinese New Year. . See More
 
Get Lucky with MSI Gaming PH’s Treasure Hunt Promo Starting This January
Techworld Date Posted: 4:49 PM | 388 Views
MSI, one of the leading gaming laptop brands, announces their “Treasure Hunt” promo in celebration with the upcoming Chinese New Year. See More

 
Cybercriminals Targeted at Least 400 Industrial Companies with Spear-Phishing Attack for Financial Gain
Techworld Date Posted: 6 August 2018 4:32 PM | 508 Views
Kaspersky Lab researchers have detected a new wave of financial spear-phishing emails disguised as legitimate procurement and accounting letters that hit at least 400 industrial organizations in an attempt to earn money for the.... See More
 
Cybercriminals Targeted at Least 400 Industrial Companies with Spear-Phishing Attack for Financial Gain
Techworld Date Posted: 4:32 PM | 508 Views
Kaspersky Lab researchers have detected a new wave of financial spear-phishing emails disguised as legitimate procurement and accounting letters that hit at least 400 industrial organizations in an attempt to earn money for the...See More


Power by

Download Free AZ | Free Wordpress Themes