Cyber Espionage | SC Media Cyber Espionage

Cyber Espionage

Reputed Vietnamese APT group hacks BMW, Hyundai: report

The reputed Vietnamese APT group OceanLotus is believed responsible for recently hacking into the networks of German car manufacturer BMW, as well as South Korea’s Hyundai, presumably to spy on their automotive trade secrets. German broadcaster Bayerricscher Rundfunk, which broke the story, reported (in an article translated into English) that BMW caught the intrusion early…

Law enforcement delivers knockout blow to Imminent Monitor RAT network

International law enforcement officials late last week announced a crackdown on a cybercriminal network responsible for the proliferation of the Imminent Monitor Remote Access Trojan (IM-RAT). The coordinated operation, executed by authorities based in Australia, Europe and Colombia, resulted in the takedown of IM-RAT web page and infrastructure, and the arrest of 13 people. Additionally,…

The car hacking talks will cover findings involving controller area networks (CAN) and automobiles.

Cyberattackers taking auto industry for a ride, FBI reportedly warns

Malicious attackers have notably stepped up attacks on the U.S. auto industry since late year, hitting car manufacturers with ransomware, compromising their systems, and exfiltrating their data, the FBI reportedly warned this week. CNN on Wednesday reported that the FBI alert came in the form of a private bulletin sent to a select group of…

‘Kardashian jokes and then a really racist tweet’: How Russian social media trolls suckered in Americans

Camille Francois remembers the day she learned that the U.S. Senate Select Committee on Intelligence was granting her the extraordinary opportunity to research the extent of Russia’s influence operations during 2016 presidential election campaign. SC Podcast “Our CEO [John Kelly]… said, ‘Hey Cam, what would you say if we had access to the actual data…

We interviewed cyber experts on a Vegas ferris wheel. Then ride security showed up…

In the film “Ocean’s 11,” Danny Ocean and his team of expert cybercriminals execute a daring casino heist in glitzy Las Vegas. This past summer at the Black Hat and DEF CON conferences in Sin City, the editorial staff at SC Media attempted to pull off a less ambitious – and decidedly more legal –…

Officials preparing for cyber attacks, scams as Olympics nears

Microsoft: Russia again hacks anti-doping and sports agencies

Facing possible exclusion from the 2020 Summer Olympics in Tokyo and other major athletic events, Russia once again has been attempting to hack anti-doping agencies and sports organizations, Microsoft reported yesterday. In attacks that started on Sept. 16, the reputed Russian APT Fancy Bear targeted at least 16 national and international sports organizations across three…

New 'Rombertik' malware destroys master boot record if analysis function detected

Major software vendor compromised with previously undocumented PortReuse backdoor

A thorough investigation into reputed Chinese APT actor Winnti Group turned up a previously undocumented backdoor that was used to compromise a popular Asian mobile hardware and software vendor — perhaps as a prelude to launching a major supply chain attack against its users. Dubbed PortReuse, the modular malware is a passive network implant that…

Cyber espionage actor PKPLUG keeps plugging away at targeting SE Asia

Drawing on three years of investigatory work, researchers have assembled a detailed playbook on PKPLUG, a suspected Chinese threat actor targeting Asians with an assortment of malware used for cyber espionage purposes. The authors of this playbook – members of Palo Alto Networks threat research group Unit 42 – were able to connect PKPLUG to…

Power plant Russia

Second phishing campaign featuring LookBack malware targets U.S. utilities

A malicious threat actor continued to target the U.S. utilities sector with LookBack malware last August, launching a new phishing campaign that targeted organizations with emails impersonating a certification test administrator. Discovered earlier this year by researchers at Proofpoint, LookBack includes a proxy mechanism and a remote access trojan module. In July, the attackers behind…

Brazil

BRATA malware targeting Brazilian Android devices

First there was Brangelina, TomKat and Bennifer and now Kaspersky has presented the world with BRATA, or Brazilian RAT Android. BRATA is not a power celebrity couple, but is a relatively new Android remote access tool family that, at least so far, has exclusively targeted Brazilians using Android 5.0 or higher, according to Kaspersky’s GReAT…

Next post in Malware