Researchers at Blue Coat Labs in California have discovered malware they call ‘Inception’, which first targeted diplomats and government organizations in Russia and later spread to other countries.
“A previously undocumented attack framework” is being used to launch highly targeted attacks to gain access to, and extract confidential information from, victims’ computers, according to Blue Coat.
Targets include individuals in strategic positions, executives in important businesses such as oil, finance and engineering, military officers, embassy personnel and government officials.
The Inception attacks began by focusing on targets primarily located in Russia or related to Russian interests, but have since spread to targets in other locations around the world. The preferred malware delivery method is via phishing emails containing trojanized documents, the study added.
Blue Coat Labs researchers have recently found that the attackers have also created malware for Android, BlackBerry and iOS devices to gather information from victims, and appear to have planned MMS phishing campaigns against the mobile devices of targeted individuals.
To date, Blue Coat has observed over 60 mobile providers, such as China Mobile, O2, Orange, SingTel, T-Mobile and Vodafone, included in these preparations, but the real number is likely far higher, Blue Coat explains in a statement.
Initial malware components have, in all cases that Blue Coat has observed, been embedded in Rich Text Format (RTF) files. Exploitation of vulnerabilities in this file format is leveraged to gain remote access to victims’ computers. These files are delivered to the victim via phishing emails with exploited Word documents attached.
When the user clicks on the attachment, a Word document is displayed to avoid arousing suspicion, while malicious content stored inside the document in encoded form is written to the user's disk. Unusually for an exploit campaign, the names of the dropped files vary and have clearly been randomized in order to avoid detection by name.
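A triage check for the delivery format described above, as an added example that is not from Blue Coat's report: it lists embedded objects in an RTF attachment and notes what their decoded bytes contain. The sample document is constructed, and the function names and the "payload ends at the next closing brace" simplification are assumptions of this sketch.

```python
import binascii
import re

# \objdata introduces the hex-encoded body of an embedded object in RTF.
OBJDATA = re.compile(rb"\\objdata(?![a-zA-Z])")
SIGNATURES = {
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "OLE2 compound file",
    b"This program cannot be run": "PE executable (DOS stub text)",
}


def embedded_objects(data: bytes) -> list:
    """Return one finding per \\objdata group found in an RTF byte string."""
    if not data.lstrip().startswith(b"{\\rt"):   # lenient header match
        return []
    findings = []
    for m in OBJDATA.finditer(data):
        # Simplification (assumption): the payload ends at the next closing brace.
        end = data.find(b"}", m.end())
        raw = data[m.end(): end if end != -1 else len(data)]
        # Hex may be wrapped across lines; drop whitespace, keep the hex run.
        hexrun = re.match(rb"[0-9A-Fa-f]*", re.sub(rb"\s+", b"", raw)).group()
        blob = binascii.unhexlify(hexrun[: len(hexrun) // 2 * 2])
        hits = [name for sig, name in SIGNATURES.items() if sig in blob]
        findings.append({"offset": m.start(), "size": len(blob), "contains": hits})
    return findings


def constructed_sample() -> bytes:
    """Constructed test document: a tiny RTF with one fake embedded object."""
    blob = b"\x01\x05\x00\x00" + b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 4
    hexed = binascii.hexlify(blob)
    return (b"{\\rtf1\\ansi Quarterly report{\\object\\objemb{\\*\\objdata "
            + hexed[:10] + b"\r\n" + hexed[10:] + b"}}}")


if __name__ == "__main__":
    for finding in embedded_objects(constructed_sample()):
        print(finding)
```

An RTF attachment that carries an embedded object with executable or compound-file content is worth routing to a sandbox before delivery; obfuscated documents that nest groups inside the object data need a full RTF parser rather than this sketch.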
The malware gathers system information from the infected machine, including OS version, computer name, user name, user group membership, the process it is running in, locale IDs, as well as system drive and volume information. All of this system information is encrypted and sent to cloud storage via WebDAV.
The framework is designed in such a way that all communication after malware infection (i.e. target surveying, configuration updates, malware updates, and data exfiltration) can be performed via the cloud service.
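Because the framework's traffic rides on WebDAV to a cloud storage service, web proxy logs are a natural place to look for it. The following is an added detection sketch, not part of Blue Coat's report: it reports clients that issue WebDAV-only verbs to hosts outside an approved list and totals what they uploaded. The log format, host names, allowlist and log lines are all constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Verbs defined by WebDAV that ordinary web browsing does not use.
WEBDAV_ONLY = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}
SANCTIONED = {"dav.corp.example"}  # assumption: approved WebDAV hosts

# Constructed proxy log: time client method url status bytes_sent user_agent
LOG = """\
2014-12-01T09:00:01Z 10.0.0.5 GET https://www.example.org/index.html 200 0 Mozilla/5.0
2014-12-01T09:00:07Z 10.0.0.7 PROPFIND https://storage.example.net/dav/a/ 207 0 ExampleClient/1.0
2014-12-01T09:00:08Z 10.0.0.7 PUT https://storage.example.net/dav/a/x.bin 201 48213 ExampleClient/1.0
2014-12-01T09:05:08Z 10.0.0.7 PUT https://storage.example.net/dav/a/y.bin 201 1024 ExampleClient/1.0
2014-12-01T09:06:00Z 10.0.0.9 PROPFIND https://dav.corp.example/share/ 207 0 ExampleClient/1.0
2014-12-01T09:07:00Z 10.0.0.5 PUT https://api.example.org/v1/item 200 300 Mozilla/5.0
"""


def webdav_clients(log_text: str, sanctioned=SANCTIONED) -> dict:
    """Map (client, host) -> WebDAV verbs seen and total bytes sent via PUT."""
    stats = defaultdict(lambda: {"verbs": set(), "put_bytes": 0})
    for line in log_text.splitlines():
        parts = line.split(None, 6)
        if len(parts) < 6:
            continue  # malformed or truncated line
        _, client, method, url, _status, sent = parts[:6]
        host = urlsplit(url).hostname
        if host is None or host in sanctioned:
            continue
        entry = stats[(client, host)]
        if method in WEBDAV_ONLY:
            entry["verbs"].add(method)
        elif method == "PUT" and sent.isdigit():
            entry["put_bytes"] += int(sent)
    # A plain PUT to a web API is not reported; WebDAV-only verbs are required.
    return {key: {"verbs": sorted(v["verbs"]), "put_bytes": v["put_bytes"]}
            for key, v in stats.items() if v["verbs"]}


if __name__ == "__main__":
    for (client, host), info in webdav_clients(LOG).items():
        print(client, host, info)
```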
Initially, attack campaigns seemed to be largely focused on Russia and a few other Eastern European countries. However, Blue Coat has also seen attacks on targets in other countries across the globe, including India and the Middle East.
While information about targets is limited, Blue Coat researchers have uncovered a number of phishing emails highlighting industry targets.