http://www.theregister.co.uk/2013/09/26/icefog_hit_and_run_apt_japan_south_korea/
By Phil Muncaster
The Register
26th September 2013

Kaspersky Lab has uncovered a new APT campaign aimed at pilfering secrets
from governments and supply chain industrial, military, media and
technology companies in Japan and South Korea.

Icefog features many of the key attributes of targeted attacks, including
the spear phishing email lure to gain a foothold in the victim’s network;
the use of malware which exploits known vulnerabilities; and the nabbing
of email credentials and system passwords to move laterally inside the
organisation.

However, where Icefog differs is that attacks are more laser focused and
shorter lived than typical APTs, according to Kaspersky Lab.

The vendor had the following in its report:

Perhaps one of the most important aspects of the Icefog C&Cs is the “hit
and run” nature. The attackers would set up a C&C, create a malware
sample that uses it, attack the victim, infect it, and communicate with
the victim machine before moving on. The shared hosting would expire in
a month or two and the C&C disappears.

[...]