Kaspersky Lab launches new online spy phenomenon




Kaspersky Lab launches new online spy phenomenon
Focus “ice Regiment” attacks on supply chain in some Asian countries to Western companies.

Deployment of the security research team at Kaspersky Lab on a research paper about new discovery is “ACE” Regiment (IceFog), a small but persistent threat actors in “APT”, which focused on targets in South Korea and Japan, attacking supply chain companies. The operation started in 2011 and has expanded in size and scope over the past few years.

“Rio”, organised under the research group and Director of global analysis: “we have seen over the past few years a number of persistent threats by many and intense attacks on various types of victims and sectors. In most cases, the attackers retain footholds in corporate networks and Government institutions for many years, allowing them to smuggle dozens of altirabaytat sensitive information. “Rio said:” the nature of the hit and run “attacks that characterize the ice Regiment” suggest the emergence of a new trend is forming a guerrilla hit-and-run smaller focused its mission on track information accuracy. The attack usually lasts for a few days or weeks, and found what they were looking for the attackers to clear their tracks and leaving. We expect to grow the number of sets “incurable advanced threats could hire them” small and specific tasks in hit-and-run operations, comprising a team of mercenaries, Internet optimizes handling technology of the modern world. ”

Main results:

-Based information on specific targets, indicating that attackers attach importance to the following sectors: military, shipbuilding and maritime operations, computer software development and research companies and telecom operators and satellite operators and mass media and television.

-Research suggests that the attackers were interested in targeting defense contractors such as the company “Liege” and turned over the company “silktron” Ltd., companies specialized in shipbuilding such as “de SMS eBay tech and Hanjin heavy industries”, in addition to targeting operators such as Korea Telecom co., and media companies, such as Fuji TV, Japan-China Economic Association.

The attackers seized the important and sensitive documents and plans of the company and your e-mail account credentials and passwords in order to access different sources inside and outside the network.

-During operation, the attackers settings used “ice” hidden “Regiment (also known as” vokoba-Fucobha “). Established company Kaspersky Lab releases “ice Regiment” for both Microsoft Windows and Mac OS x.

While most of the intractable threats gangs attack other developed, the victim was infected for months or even years, in which the attackers to steal data, operators of “ice Regiment” with attacks on victims one by one, locate and copy the information on the specific target. Once they have the information required to leave immediately.

-The operators seem to be “ice Regiment” in most cases they know exactly what they want. They are looking for specific file names can identify them and send a copy to the concerned authority.

The attack achieved:

Kaspersky Lab “researchers were able to identify 13 of more than 70 scope used by attackers. This provided access to statistical information on the number of victims in the world. Furthermore, the servers “ice Regiment command and control encrypted records of victims alongside the various operations carried out. These records are often useful in identifying those behind the attacks and, in some cases, to identify the victims. In addition to Japan and South Korea, the discovery of several suspicious communication channels in many other countries, including Taiwan, Hong Kong, China, the United States, Australia, Canada, United Kingdom, Italy, Germany, Austria, Singapore, Russia and Malaysia. All in all, “Kaspersky Lab” more than 4,000 detection system and intrusion protection infected several hundred victims (several dozen victims of the “Windows” and more than 350 victims of “Mac OS x”).

Based on the list of detection systems and protection from hack used to monitor and control infrastructure, experts predict “Kaspersky Lab” that the parties behind the threat those stationed in at least three States, namely China, South Korea and Japan.

Related topics:

Kaspersky Lab



In: Technology & Gadgets Asked By: [15484 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »