The Kaspersky Lab Global Research and Analysis Team (GReAT) was recognized with the Annual Péter Szőr Award for Technical Security Research for its work on uncovering and analyzing the ShadowPad operation, one of the most significant supply-chain attacks known to date. The award was received at Virus Bulletin 2018, which took place on October 3 through October 5 at the Fairmont Queen Elizabeth Hotel in Montreal, Quebec, Canada.

 

In July 2017, Kaspersky Lab researchers discovered ShadowPad, a backdoor hidden inside server management software that is used by hundreds of enterprises around the world. The malicious code was planted in the latest updates of this software, which is used in industries like financial services, education, telecoms, manufacturing, energy and transportation.

 

Kaspersky Lab GReAT researchers found that following the installation of an infected software update, the malicious module would send DNS-queries to specific domains (its command and control server) at a frequency of once every eight hours. The request would contain basic information about the victim’s system.

 

If the attackers considered the system to be ‘interesting,’ the command server would reply and activate a fully-fledged backdoor platform that would silently deploy itself inside the attacked computer.

 

After that, on command from the attackers, the backdoor platform would be able to download and execute further malicious code. The threat actor behind the attack is believed to be Chinese-speaking.

 

“As the widely reported story of ‘NotPetya’ and ‘CCleaner’ show, supply chain attacks are a huge problem. ShadowPad emphasizes the point that such attacks can be very subtle and remain active for a very long time,” said Martijn Grooten, Editor, Virus Bulletin. “Kaspersky Lab’s analysis provided both a general overview and very technical details of the attack, which will hopefully lead to more awareness of this threat and the issue of supply-chain attacks in general.”

 

The Péter Szőr award aims to recognize the best piece of technical security research published each year. Virus Bulletin created the award in Szőr’s honor after the researcher and Virus Bulletin advisory board member passed away in November 2013.

 

Nominations for the award are sought from the security community at large, and a final shortlist is voted on by the Virus Bulletin advisory board. The award is presented each year at the annual Virus Bulletin conference.

 

“ShadowPad is a prime example of how dangerous and wide-scale a successful supply-chain attack can be. Had it not been detected and patched so quickly, ShadowPad could have affected thousands of organizations worldwide,” said Costin Raiu, Director, GReAT. “Receiving the Péter Szőr award at Virus Bulletin is an absolute honor, and we are grateful not only for the recognition, but for the opportunity to continue protecting the world from cybercrime.”

 

The findings were published on August 15, 2017, and the full report can be accessed on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Costly Cloud Breaches Putting Digital Transformation Strategies at Risk, Finds Kaspersky Lab
Techworld Date Posted: 25 May 2018 2:51 PM | 274 Views
The success of digital transformation projects are being stalled by the fear of the impact and rising costs of breaches associated with “data on the go”. According to new research from Kaspersky Lab, safeguarding.... See More
 
Costly Cloud Breaches Putting Digital Transformation Strategies at Risk, Finds Kaspersky Lab
Techworld Date Posted: 2:51 PM | 274 Views
The success of digital transformation projects are being stalled by the fear of the impact and rising costs of breaches associated with “data on the go”. According to new research from Kaspersky Lab, safeguarding...See More

 
Killer Messages on SONY PlayStation 4 and How to Deal with Them
Techworld Date Posted: 12 November 2018 4:45 PM | 163 Views
  Not everyone knows that SONY PlayStation 4 (PS4) has its own instant messenger: PlayStation Messages. There are also app versions for Android and iOS, so that it can be used not only on.... See More
 
Killer Messages on SONY PlayStation 4 and How to Deal with Them
Techworld Date Posted: 4:45 PM | 163 Views
  Not everyone knows that SONY PlayStation 4 (PS4) has its own instant messenger: PlayStation Messages. There are also app versions for Android and iOS, so that it can be used not only on...See More

 
Realme Adds More Value to Entry-Level Smartphone Experience with C1 ColorOS 5.2.1 Update
Techworld Date Posted: 22 January 2019 2:19 PM | 89 Views
Realme, the game changer smartphone brand, delights users of Realme C1 with the rollout of the ColorOS 5.2.1 update this week. With new features that promote smartphone efficiency and optimal mobile experience. See More
 
Realme Adds More Value to Entry-Level Smartphone Experience with C1 ColorOS 5.2.1 Update
Techworld Date Posted: 2:19 PM | 89 Views
Realme, the game changer smartphone brand, delights users of Realme C1 with the rollout of the ColorOS 5.2.1 update this week. With new features that promote smartphone efficiency and optimal mobile experienceSee More

 
Half of Businesses Find It Hard to Identify a Serious Security Breach. Do You?
Techworld Date Posted: 8 November 2017 4:53 PM | 312 Views
Prevention is still the main pillar of corporate cybersecurity, says the report ‘New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks’ from Kaspersky Lab.. See More
 
Half of Businesses Find It Hard to Identify a Serious Security Breach. Do You?
Techworld Date Posted: 4:53 PM | 312 Views
Prevention is still the main pillar of corporate cybersecurity, says the report ‘New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks’ from Kaspersky Lab.See More

 
HMD Global, Chicago Bulls Power Forward Lauri Markkanen Ink Long-Term Partnership
Techworld Date Posted: 23 January 2018 4:41 PM | 226 Views
HMD Global has signed a long-term co-operation agreement with Finnish NBA player Lauri Markkanen, who is playing his first season in the NBA as power forward for the Chicago Bulls.. See More
 
HMD Global, Chicago Bulls Power Forward Lauri Markkanen Ink Long-Term Partnership
Techworld Date Posted: 4:41 PM | 226 Views
HMD Global has signed a long-term co-operation agreement with Finnish NBA player Lauri Markkanen, who is playing his first season in the NBA as power forward for the Chicago Bulls.See More

Rafael Aquino
Intel® Meltdown And Spectre Updates
Techworld • By: Rafael Aquino | Date Posted: 14 March 2018 1:25 PM | 487 Views
Security vulnerabilities are everywhere, but lately, a new pair is on the loose. Intel® just received massive updates late February 2018 to early March for all processors that are currently in circulation. . See More
Rafael Aquino
Intel® Meltdown And Spectre Updates
Techworld • By: Rafael Aquino | Date Posted: 1:25 PM | 487 Views
Security vulnerabilities are everywhere, but lately, a new pair is on the loose. Intel® just received massive updates late February 2018 to early March for all processors that are currently in circulation. See More

 
KKR-Backed Emerald Media Leads US$65 Million Series B in aCommerce to Drive Southeast Asia’s Retail and Ecommerce Ecosystem Forward
Techworld Date Posted: 20 November 2017 1:46 PM | 247 Views
Manila, 20 November 2017 - aCommerce Co. Ltd. announced today that it has closed a US$65 million Series B funding round. The company is Southeast Asia’s leading ecommerce enabler and e-distributor in four markets.... See More
 
KKR-Backed Emerald Media Leads US$65 Million Series B in aCommerce to Drive Southeast Asia’s Retail and Ecommerce Ecosystem Forward
Techworld Date Posted: 1:46 PM | 247 Views
Manila, 20 November 2017 - aCommerce Co. Ltd. announced today that it has closed a US$65 million Series B funding round. The company is Southeast Asia’s leading ecommerce enabler and e-distributor in four markets...See More

 
Symantec Protects Office 365 with Industry-Leading Data Loss Prevention and New Data Rights Management
Techworld Date Posted: 2 October 2018 11:30 AM | 128 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced new enhancements to its Data Loss Prevention (DLP) technology to protect information in Office 365. With Symantec DLP, data is protected whether.... See More
 
Symantec Protects Office 365 with Industry-Leading Data Loss Prevention and New Data Rights Management
Techworld Date Posted: 11:30 AM | 128 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced new enhancements to its Data Loss Prevention (DLP) technology to protect information in Office 365. With Symantec DLP, data is protected whether...See More

 
GPU Powered: 7 Startups You Won’t Want to Miss at GTC
Techworld Date Posted: 27 February 2019 1:27 PM | 65 Views
Cargo ships that can self-navigate. A massive marketplace for AI-authenticated collectible sneakers. Professional translation at 5x speed.. See More
 
GPU Powered: 7 Startups You Won’t Want to Miss at GTC
Techworld Date Posted: 1:27 PM | 65 Views
Cargo ships that can self-navigate. A massive marketplace for AI-authenticated collectible sneakers. Professional translation at 5x speed.See More

CXO Innovation Summit
Rhea Sanvictores
First Ever CXO Innovation Summit Alights in Queen City of the South
Techworld • By: Rhea Sanvictores | Date Posted: 13 November 2018 11:11 AM | 181 Views
Held from November 9 to 11, 2018, the CXO Innovation Summit was staged at the luxurious Shangri-La’s Mactan Resort and Spa in Lapu-Lapu City, Cebu. Prominent distributor of up-to-date gadgets and devices MSI-ECS spearheaded.... See More
Rhea Sanvictores
CXO Innovation Summit
First Ever CXO Innovation Summit Alights in Queen City of the South
Techworld • By: Rhea Sanvictores | Date Posted: 11:11 AM | 181 Views
Held from November 9 to 11, 2018, the CXO Innovation Summit was staged at the luxurious Shangri-La’s Mactan Resort and Spa in Lapu-Lapu City, Cebu. Prominent distributor of up-to-date gadgets and devices MSI-ECS spearheaded...See More


Power by

Download Free AZ | Free Wordpress Themes