Posts: 3,604
Topics: 2,128
Kudos: 2,747
Blog Posts: 0
Registered: ‎06-02-2014

'Crouching Yeti' Attack Campaign Targeting Industries Worldwide Detailed in New Report

Comment/ Another attack campaign against Industries.

=================================================================================================

By Brian Prince on July 31, 2014
 

Researchers at Kaspersky Lab released a detailed analysis of an advanced attack campaign that has struck about 2,800 victims across multiple industries worldwide.  

Dubbed 'Energetic Bear' by CrowdStrike and renamed 'Crouching Yeti' by Kaspersky Lab, the attack campaign has gone on to infect companies worldwide. While CrowdStrike stated the operation was likely the work of a Russian threat actor, researchers at Kaspersky Lab were more hesitant to name names.

"Based on some artifacts, we believe the campaign originated at the end of 2010," according to a blog post by Kaspersky Lab's Global Research and Analysis Team. "The campaign is still alive and getting new daily victims."

"We believe this is an information stealing campaign," the researchers added. "Given the heterogeneous profile of the victims it seems that the attackers were interested in different topics and decided to target some of the most prominent institutions and companies in the world to get latest information."

The attackers used three tactics to distribute malware: spear-phishing using PDF documents armed with an exploit for CVE-2011-0611, an Adobe Flash Player vulnerability; waterhole attacks using a variety of exploits; and Trojanized software installers. 

 

SecurityWeek/ full read here/ http://www.securityweek.com/crouching-yeti-attack-campaign-targeting-industries-worldwide-detailed-n...

Community Leader


Re: 'Crouching Yeti' Attack Campaign Targeting Industries Worldwide Detailed in New Report

The following article is an update on Crouching Yeti Attack.

(Crouching Yeti still spying)

By Mark Sutton, published August 7, 2014

 

Kaspersky Lab has warned that the cyber espionage campaign known both as Energetic Bear and Crouching Yeti is still actively spying on a wide range of institutions worldwide.

Energetic Bear/Crouching Yeti has been active since at least 2010, the security company said, with over 2,800 targets worldwide in sectors including industrial/machinery, manufacturing, pharmaceutical, construction, education, and information technology.

A new analysis of the malware and command and control (C&C) infrastructure of the campaign by Kaspersky has shown that the attack does not use highly sophisticated malware, and also throws doubt on the presumed origin of the campaign.

itp.net/ Full Article Here/ http://www.itp.net/599304-crouching-yeti-still-spying

Re: 'Crouching Yeti' Attack Campaign Targeting Industries Worldwide Detailed in New Report

The following article is an update:

**************************************

Crouching Yeti APT Actor Still Targeting Industrial Sectors: Kaspersky

 
