During the second quarter of 2018, Kaspersky Lab researchers observed an active landscape of APT operations, based mainly in Asia and involving both well-known and less familiar threat actors.

A number of groups targeted or timed their campaigns around sensitive geopolitical incidents. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the second quarter of 2018, Kaspersky Lab researchers continued to uncover new tools, techniques and campaigns being launched by advanced persistent threat (APT) groups, some of which had been quiet for years.

 

Asia remained the epicenter of APT interest: regional groups such as the Korean-speaking Lazarus and Scarcruft were particularly busy, and researchers discovered an implant called LightNeuron being used by the Russian-speaking Turla to target Central Asia and the Middle East.

Highlights in Q2 2018 include:

  • The return of the actor behind Olympic Destroyer. After its January 2018 attack against the Pyeongchang Winter Olympic Games, researchers discovered what they believed was new activity by this actor, targeting financial organizations in Russia, and biochemical threat prevention laboratories in Europe and Ukraine. A number of indicators suggest a low- to medium-confidence link between Olympic Destroyer and the Russian-speaking threat actor Sofacy.
  • Lazarus/BlueNoroff. There were indications that this high-profile APT was targeting financial institutions in Turkey as part of a bigger cyberespionage campaign, as well as casinos in Latin America. These operations suggest that financially motivated activity continues for this group, despite the ongoing North Korean peace talks.
  • The researchers observed relatively high activity from the Scarcruft APT, with the threat actor using Android malware and launching an operation with a new backdoor researchers have named POORWEB.
  • The LuckyMouse APT, a Chinese-speaking threat actor also known as APT 27, which had previously been observed abusing ISPs in Asia for waterhole attacks through high-profile websites, was also found to be actively targeting Kazakh and Mongolian governmental entities around the time these governments held their meeting in China.
  • The VPNFilter campaign, uncovered by Cisco Talos and attributed by the FBI to Sofacy or Sandworm, revealed the immense vulnerability to attack of domestic networking hardware and storage solutions. The threat can even inject malware into traffic in order to infect computers behind the infected networking device. Kaspersky Lab’s analysis confirmed that traces of this campaign can be found in almost every single country.

 

“The second quarter of 2018 was very interesting in terms of APT activity, with a few remarkable campaigns that remind us how real some of the threats we have been predicting over the last few years have become. In particular, we have warned repeatedly that networking hardware is ideally suited to targeted attacks and highlighted the existence and spread of advanced activity focusing on these devices,” said Vicente Diaz, Principal Security Researcher in the Kaspersky Lab GReAT team.

The Q2 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports, which also include Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting. For more information, please contact: intelreports@kaspersky.com

 

The Q2 APT Trends summary report can be found on Securelist.

