We discovered a new campaign targeting organizations in Turkey, Pakistan and Tajikistan that has some similarities with an earlier campaign named MuddyWater, which hit various industries in several countries, primarily in the Middle East and Central Asia.
Third-party security researchers named the MuddyWater campaign as such because of the difficulties in attributing the attacks.
However, given the nature of the targets, as well as the gathering and uploading of information to C&C servers, it appears that the attackers are mainly concerned with espionage activities. Saudi Arabia's National Cyber Security Center (NCSC) published an alert on its website regarding the attacks.
Given the number of similarities, we can assume that there is a connection between these new attacks and the MuddyWater campaign. This connection also signifies that the attackers are not merely interested in a one-off campaign, but will likely continue to perform cyberespionage activities against the targeted countries and industries.
Comparing the earlier MuddyWater campaign with this new one reveals some distinct similarities…