During the first three months of the year, Kaspersky Lab researchers discovered a wave of new APT activity based mainly in Asia – more than 30% of Q1 reports were dedicated to threat operations in this region. A peak of activity was also observed in the Middle East with a number of new techniques used by actors. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the first quarter of 2018, Kaspersky Lab researchers continued to detect cyber activities by advanced persistent threat (APT) groups speaking languages including Russian, Chinese, English and Korean, among others. And while some well-known actors didn’t show any noteworthy activity, a rising number of APT operations and new threat actors were detected in the Asian region. This rise is explained in part by the Olympic Destroyer malware attack on the Pyeongchang Olympic Games.

 

Highlights in Q1, 2018 include:

  • Continuous rise of Chinese-speaking activity, including the ShaggyPanther cluster of activity targeting government entities mainly in Taiwan and Malaysia, and CardinalLizard, which in 2018 increased its interest in Malaysia alongside an existing focus on the Philippines, Russia, and Mongolia.
  • Recorded APT activity in South Asia. Pakistan military entities have been under attack from the newly discovered Sidewinder group.
  • IronHusky APT apparently stops targeting Russian military actors and transfers all its efforts to Mongolia. At the end of January 2018, this Chinese-speaking actor launched an attack campaign on Mongolian government organizations before their meeting with the International Monetary Fund (IMF).
  • Korean peninsula remains in focus. The Kimsuky APT, targeting South Korean think tanks and political activities, has renewed its arsenal with a completely new framework designed for cyberespionage and used in a spear-phishing campaign. Furthermore, a subset of the infamous Lazarus group, Bluenoroff, has shifted to new targets including cryptocurrency companies and Point of Sales (PoS).

 

Kaspersky Lab also detected a peak of threat activity in the Middle East. For example, the StrongPity APT launched a number of new Man-in-the-Middle (MiTM) attacks on internet service provider (ISP) networks. Another highly skilled cybercriminal group, the Desert Falcons, returned to target Android devices with malware previously used in 2014.

 

Also, in Q1, Kaspersky Lab researchers discovered several groups routinely targeting routers and networking hardware in their campaigns, an approach adopted years ago by actors such as Regin and CloudAtlas. According to experts, routers will continue to be a target for attackers as a way of getting a foothold in a victim’s infrastructure.

 

“During the first three months of the year we saw a number of new threat groups of different levels of sophistication, but which, overall, were using the most common and available malware tools. At the same time, we observed no significant activity from some well-known actors. This leads us to believe that they are rethinking their strategies and reorganizing their teams for future attacks,” said Vicente Diaz, Principal Security Researcher at Kaspersky Lab GReAT team.

 

The newly published Q1 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports. During the first quarter of 2018, Kaspersky Lab’s Global Research and Analysis Team created 27 private reports for subscribers, with Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting.

 

For more information, please contact: intelreports@kaspersky.com

