Wipers and fileless malware in targeted attacks

The first three months of 2017 saw a sharp increase in the sophistication of state-backed digital attacks, with threat actors turning their attention to wipers, as well as financial crime.

These and other trends are covered in Kaspersky Lab's first quarterly summary report, which draws on data from the regular digital threat update reports the company sends exclusively to its subscribers.

The new quarterly "APT Trends" report will be available free of charge and will highlight significant developments in targeted attacks, as well as emerging trends that require the immediate attention of businesses and organizations. The content of the first quarter report is drawn from the observations of Kaspersky Lab experts, who monitored the activity of APT operators during the first quarter.

The key points of the first quarter of 2017 include:

  • Wipers are being exploited by targeted threat operators, both for digital sabotage and for erasing traces of digital espionage. An advanced generation of wipers was used in the new wave of Shamoon attacks. The investigation that followed led to the discovery of StoneDrill and of similarities between its code and that of NewsBeef (Charming Kitten). One StoneDrill victim was found in Europe.
  • Targeted attackers are diversifying into financial theft. Long-term monitoring of the Lazarus group identified a subgroup, which Kaspersky Lab named BlueNoroff, that actively attacks financial institutions in different countries, including a high-intensity attack in Poland. BlueNoroff is believed to be behind the infamous Bangladesh robberies.
  • Fileless malware is used both by targeted-attack operators and by cybercriminals in general, helping them avoid detection and making forensic investigations harder. Kaspersky Lab experts have found examples in lateral movement tools used in the Shamoon attacks, in attacks against banks in Eastern Europe and in the hands of a number of other APT operators.

"The landscape of targeted threats is constantly evolving and attackers are getting better prepared, looking for and exploiting new gaps and opportunities. That is why threat intelligence is so important: it equips organizations with understanding and reveals the actions they need to take. For example, the threat landscape for the first quarter highlights the need to track malware footprints in memory and for incident response to combat fileless malware attacks, and for security that can detect anomalies throughout network activity," stated Juan Guerrero-Saade, Senior Security Researcher of Kaspersky Lab's Global Research and Analysis Group.

Kaspersky Lab's Global Research and Analysis Team is currently monitoring over one hundred threat actors and sophisticated malware operations that target commercial and governmental organizations in more than 80 countries. During the first quarter of 2017, the company's experts created 33 private reports for Intelligence Services subscribers, with Indicators of Compromise (IOC) data and YARA rules to help flag and hunt malicious software.


Written by Dimitris
