During the second quarter of 2018, Kaspersky Lab researchers observed an active landscape of APT operations, based mainly in Asia and involving both well-known and less familiar threat actors.

 

A number of groups targeted or timed their campaigns around sensitive geopolitical incidents. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary.

 

In the second quarter of 2018, Kaspersky Lab researchers continued to uncover new tools, techniques and campaigns being launched by advanced persistent threat (APT) groups, some of which had been quiet for years.

 

Asia remained the epicenter of APT interest: regional groups such as the Korean-speaking Lazarus and Scarcruft were particularly busy, and researchers discovered an implant called LightNeuron being used by the Russian-speaking Turla to target Central Asia and the Middle East.

 

Highlights in Q2 2018 include:

  • The return of the actor behind Olympic Destroyer. After its January 2018 attack against the Pyeongchang Winter Olympic Games, researchers discovered what they believed was new activity by this actor, targeting financial organizations in Russia and biochemical threat prevention laboratories in Europe and Ukraine. A number of indicators suggest a low- to medium-confidence link between Olympic Destroyer and the Russian-speaking threat actor Sofacy.
  • Lazarus/BlueNoroff. There were indications that this high-profile APT was targeting financial institutions in Turkey as part of a bigger cyberespionage campaign, as well as casinos in Latin America. These operations suggest that financially motivated activity continues for this group, despite the ongoing North Korean peace talks.
  • The researchers observed relatively high activity from the Scarcruft APT, with the threat actor using Android malware and launching an operation with a new backdoor researchers have named POORWEB.
  • The LuckyMouse APT, a Chinese-speaking threat actor also known as APT 27, which had previously been observed abusing ISPs in Asia for waterhole attacks through high-profile websites, was also found to be actively targeting Kazakh and Mongolian governmental entities around the time these governments held their meeting in China.
  • The VPNFilter campaign, uncovered by Cisco Talos and attributed by the FBI to Sofacy or Sandworm, revealed the immense vulnerability to attack of domestic networking hardware and storage solutions. The threat can even inject malware into traffic in order to infect computers behind the infected networking device. Kaspersky Lab’s analysis confirmed that traces of this campaign can be found in almost every single country.

 

“The second quarter of 2018 was very interesting in terms of APT activity, with a few remarkable campaigns that remind us how real some of the threats we have been predicting over the last few years have become. In particular, we have warned repeatedly that networking hardware is ideally suited to targeted attacks and highlighted the existence and spread of advanced activity focusing on these devices,” said Vicente Diaz, Principal Security Researcher in the Kaspersky Lab GReAT team.

 

The Q2 APT Trends report summarizes the findings of Kaspersky Lab’s subscriber-only threat intelligence reports, which also include Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting. For more information, please contact: intelreports@kaspersky.com

 

The Q2 APT Trends summary report can be found on Securelist.

