During the second quarter of 2018, Kaspersky Lab researchers observed an active landscape of APT operations, based mainly in Asia and involving both well-known and less familiar threat actors.

 

A number of groups targeted or timed their campaigns around sensitive geopolitical incidents. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the second quarter of 2018, Kaspersky Lab researchers continued to uncover new tools, techniques and campaigns being launched by advanced persistent threat (APT) groups, some of which had been quiet for years.

 

Asia remained the epicenter of APT interest: regional groups such as the Korean-speaking Lazarus and Scarcruft were particularly busy, and researchers discovered an implant called LightNeuron being used by the Russian-speaking Turla to target Central Asia and the Middle East.

 

Highlights in Q2 2018 include:

  • The return of the actor behind Olympic Destroyer. After its January 2018 attack against the Pyeongchang Winter Olympic Games, researchers discovered what they believed was new activity by this actor, targeting financial organizations in Russia and biochemical threat prevention laboratories in Europe and Ukraine. A number of indicators suggest a low to medium confidence link between Olympic Destroyer and the Russian-speaking threat actor Sofacy.
  • Lazarus/BlueNoroff. There were indications that this high-profile APT was targeting financial institutions in Turkey as part of a bigger cyberespionage campaign, as well as casinos in Latin America. These operations suggest that financially motivated activity continues for this group, despite the ongoing North Korean peace talks.
  • The researchers observed relatively high activity from the Scarcruft APT, with the threat actor using Android malware and launching an operation with a new backdoor that researchers have named POORWEB.
  • The LuckyMouse APT, a Chinese-speaking threat actor also known as APT 27, which had previously been observed abusing ISPs in Asia for waterhole attacks through high-profile websites, was also found to be actively targeting Kazakh and Mongolian governmental entities around the time these governments held their meeting in China.
  • The VPNFilter campaign, uncovered by Cisco Talos and attributed by the FBI to Sofacy or Sandworm, revealed the immense vulnerability to attack of domestic networking hardware and storage solutions. The threat can even inject malware into traffic in order to infect computers behind the infected networking device. Kaspersky Lab’s analysis confirmed that traces of this campaign can be found in almost every single country.

 

“The second quarter of 2018 was very interesting in terms of APT activity, with a few remarkable campaigns that remind us how real some of the threats we have been predicting over the last few years have become. In particular, we have warned repeatedly that networking hardware is ideally suited to targeted attacks and highlighted the existence and spread of advanced activity focusing on these devices,” said Vicente Diaz, Principal Security Researcher in the Kaspersky Lab GReAT team.

 

The Q2 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports, which also include Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting. For more information, please contact: intelreports@kaspersky.com

 

The Q2 APT Trends summary report can be found on Securelist.

