APT28: FireEye uncovered a Russian cyber espionage campaign

  • 29 October 2014

By Pierluigi Paganini on October 29th, 2014
 

APT28: FireEye has issued a new report uncovering a large-scale cyber-espionage campaign that appears sponsored by the Russian government.

 
A report published by FireEye reveals that a group of Russian hackers, dubbed APT28, is behind long-running cyber espionage campaigns that targeted US defense contractors, European security organizations and Eastern European government entities.
The hackers also targeted attendees of European defense exhibitions, including EuroNaval 2014, EUROSATORY 2014, the Counter Terror Expo and the Farnborough Airshow 2014.
Recently, principal security firms (Cisco, FireEye, F-Secure, iSight Partners, Microsoft, Tenable and others) were involved in a joint effort dubbed Operation SMN against the cyber espionage group known as Hidden Lynx and its arsenal.
 


 
Full Article

2 replies

Another report on the subject:
 
10/29/2014 Ericka Chickowski
 
EXCERPT:
 
Following up on the Operation Pawn Storm report from Trend Micro last week, FireEye provided greater historical context and details about the modus operandi of the actors in question, who make up a hacking collective they call APT28. Tracing activity back seven years through attacks found to be based on modularly designed malware, FireEye says it has solidified what's only been a dotted-line connection between the Russian government and the Sofacy malware family -- also known as SEDNIT -- which consists of a dropper FireEye calls Sourface, along with the Eviltoss backdoor malware, and a modular implant called Chopstick.
 
Full Article
The following article is an update
 

(Russian Cyber Espionage Under The Microscope)

By: Kelly Jackson Higgins  Posted on 11/20/2014 04:30 PM
 
New report shows level of coordination and strategy by three main groups of cyberspies out of Russia.
A study of published intelligence on three major malware families used in Russia's cyber espionage operations shows a highly coordinated, targeted, and stealthy strategy.
Researchers at Recorded Future studied Uroburos, Energetic Bear, and APT28, three main malware families out of Russia being used for cyberspying. In a report scheduled for publication today, Recorded Future analyzed intelligence on the operations from public reports by various security vendor research teams and found, among other things, that the three attack groups don't operate in a vacuum. For one thing, they appear to avoid hitting the same targets: "There's very little cohabitation of the [three] malware families," says Christopher Ahlberg, CEO and co-founder of Recorded Future. "It seems to indicate some level of tactical and organizational coordination."
 
Full Article
