Researchers at Blue Coat Labs in California have discovered malware they call ‘Inception’, which first targeted diplomats and government organizations in Russia and later spread to other countries.
“A previously undocumented attack framework” is being used to launch highly targeted attacks to gain access to, and extract confidential information from, victims’ computers, according to Blue Coat.
Targets include individuals in strategic positions, executives in important businesses such as oil, finance and engineering, military officers, embassy personnel and government officials.
The Inception attacks began by focusing on targets primarily located in Russia or related to Russian interests, but have since spread to targets in other locations around the world. The preferred malware delivery method is via phishing emails containing trojanized documents, the study added.
Blue Coat Labs researchers have recently found that the attackers have also created malware for Android, BlackBerry and iOS devices to gather information from victims, and have seemingly planned MMS phishing campaigns against the mobile devices of targeted individuals.
To date, Blue Coat has observed over 60 mobile providers, such as China Mobile, O2, Orange, SingTel, T-Mobile and Vodafone, included in these preparations, but the real number is likely far higher, Blue Coat explains in a statement.
Initial malware components have, in all cases that Blue Coat has observed, been embedded in Rich Text Format (RTF) files. Exploitation of vulnerabilities in this file format is leveraged to gain remote access to victims’ computers. These files are delivered to the victim via phishing emails with exploited Word documents attached.
When the user clicks on the attachment, a Word document is displayed to avoid arousing the user's suspicion, while malicious content stored inside the document in encoded form is written to disk. Unusually among exploit campaigns, the names of the dropped files vary and have clearly been randomized in order to avoid detection by name.
The malware gathers system information from the infected machine, including OS version, computer name, user name, user group membership, the process it is running in, locale IDs, as well as system drive and volume information. All of this system information is encrypted and sent to cloud storage via WebDAV.
The framework is designed in such a way that all communication after malware infection (i.e. target surveying, configuration updates, malware updates, and data exfiltration) can be performed via the cloud service.
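Because all post-infection traffic goes to a cloud service over WebDAV, web-proxy logs are one place a defender can look for it. The following is an added example, not part of the original article or of Blue Coat's report: it flags internal clients that use WebDAV-specific methods against external hosts and totals what they upload with PUT. The log format, host names, addresses and the internal suffix are constructed assumptions.

```python
import re
from collections import defaultdict

# Methods defined by WebDAV (RFC 4918). PUT is ordinary HTTP, so it is only
# counted as upload volume for client/host pairs that also speak WebDAV.
WEBDAV_METHODS = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}

# Constructed log format: timestamp client method url status request_bytes
LINE_RE = re.compile(r"^(\S+) (\S+) ([A-Z]+) (https?://([^/\s:]+)\S*) (\d{3}) (\d+)$")

# Constructed sample lines; hosts and addresses are placeholders.
SAMPLE_LOG = """\
2000-01-01T10:00:01Z 10.0.0.15 GET http://intranet.corp.example/index.html 200 0
2000-01-01T10:00:05Z 10.0.0.15 PROPFIND http://share.corp.example/team/ 207 0
2000-01-01T10:01:10Z 10.0.0.23 PROPFIND https://webdav.storage.example/acct/ 207 0
2000-01-01T10:01:12Z 10.0.0.23 PUT https://webdav.storage.example/acct/a1.bin 201 48211
2000-01-01T10:03:40Z 10.0.0.23 PUT https://webdav.storage.example/acct/a2.bin 201 1024
2000-01-01T10:04:00Z 10.0.0.31 PUT https://api.vendor.example/upload 200 300
"""


def webdav_findings(log_text, internal_suffixes=(".corp.example",)):
    """Return {(client, host): {"methods", "put_bytes"}} for external WebDAV use."""
    stats = defaultdict(lambda: {"methods": set(), "put_bytes": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that do not fit the assumed format
        _, client, method, _, host, _, sent = m.groups()
        host = host.lower()
        if host.endswith(internal_suffixes):
            continue  # internal file shares legitimately use WebDAV
        entry = stats[(client, host)]
        if method in WEBDAV_METHODS:
            entry["methods"].add(method)
        elif method == "PUT":
            entry["put_bytes"] += int(sent)
    # Keep only pairs that used at least one WebDAV-specific method.
    return {pair: s for pair, s in stats.items() if s["methods"]}


if __name__ == "__main__":
    for (client, host), s in webdav_findings(SAMPLE_LOG).items():
        print(client, host, sorted(s["methods"]), s["put_bytes"])
```

A hit is a lead for triage, not a verdict: sanctioned sync clients also speak WebDAV, so compare flagged hosts against the cloud services the organization actually approves.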
Initially, attack campaigns seemed to be largely focused on Russia and a few other Eastern European countries. However, Blue Coat has also seen attacks on targets in other countries across the globe, including India and the Middle East.
While information about targets is limited, Blue Coat researchers have uncovered a number of phishing emails highlighting industry targets.