During the second quarter of 2018, Kaspersky Lab researchers observed an active landscape of APT operations, based mainly in Asia and involving both well-known and less familiar threat actors.

 

A number of groups targeted or timed their campaigns around sensitive geopolitical incidents. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the second quarter of 2018, Kaspersky Lab researchers continued to uncover new tools, techniques and campaigns being launched by advanced persistent threat (APT) groups, some of which had been quiet for years.

 

Asia remained the epicenter of APT interest: regional groups such as the Korean-speaking Lazarus and Scarcruft were particularly busy, and researchers discovered an implant called LightNeuron being used by the Russian-speaking Turla to target Central Asia and the Middle East.

 

Highlights in Q2 2018 include:

  • The return of the actor behind Olympic Destroyer. After its January 2018 attack against the Pyeongchang Winter Olympic Games, researchers discovered what they believed was new activity by this actor, targeting financial organizations in Russia and biochemical threat prevention laboratories in Europe and Ukraine. A number of indicators suggest a low-to-medium-confidence link between Olympic Destroyer and the Russian-speaking threat actor Sofacy.
  • Lazarus/BlueNoroff. There were indications that this high-profile APT was targeting financial institutions in Turkey as part of a bigger cyberespionage campaign, as well as casinos in Latin America. These operations suggest that financially motivated activity continues for this group, despite the ongoing North Korean peace talks.
  • The researchers observed relatively high activity from the Scarcruft APT, with the threat actor using Android malware and launching an operation with a new backdoor researchers have named POORWEB.
  • The LuckyMouse APT, a Chinese-speaking threat actor also known as APT 27, which had previously been observed abusing ISPs in Asia for waterhole attacks through high-profile websites, was also found to be actively targeting Kazakh and Mongolian governmental entities around the time these governments held their meeting in China.
  • The VPNFilter campaign, uncovered by Cisco Talos and attributed by the FBI to Sofacy or Sandworm, revealed how vulnerable domestic networking hardware and storage solutions are to attack. The threat can even inject malware into traffic in order to infect computers behind the infected networking device. Kaspersky Lab’s analysis confirmed that traces of this campaign can be found in almost every single country.

 

“The second quarter of 2018 was very interesting in terms of APT activity, with a few remarkable campaigns that remind us how real some of the threats we have been predicting over the last few years have become. In particular, we have warned repeatedly that networking hardware is ideally suited to targeted attacks and highlighted the existence and spread of advanced activity focusing on these devices,” said Vicente Diaz, Principal Security Researcher in the Kaspersky Lab GReAT team.

 

The Q2 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports, which also include Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting. For more information, please contact: intelreports@kaspersky.com

 

The Q2 APT Trends summary report can be found on Securelist.

