Pitty Tiger – small ATPs scare private companies


Userlevel 7
Badge +54
By paganinip on July 13th, 2014
 

Security researchers at AIRBUS have uncovered a new APT, named Pitty Tiger, involved in a cyber espionage campaign which targeted mainly private companies.

Security experts at AIRBUS Defence & Space – CyberSecurity unit have recently disclosed the results of their investigation on a new APT dubbed Pitty Tiger involved in a cyber espionage campaign which targeted mainly private companies.
Also in this case the cyber espionage campaign has gone undetected for years, this is a common aspect of many cyber operations, the Pitty Tiger group has been active since at least 2011.
 
 
 


 
 
 
 
Full Article

5 replies

Userlevel 6
Hmmmmmm........ I wonder how many infected businesses are out there that still have no clue their site is infected.
 
 
Userlevel 7
Badge +54
There will be a lot of small businesses which do not have a dedicated IT department which are infected and that is not counting those with IT departments which are not upto speed with it.
Userlevel 7
This article on cyber espionage is quite alarming one would have thought these private company's have the necessary protection set up by their IT departments...............but as you have indicated Jasper they may not be up to speed or their defenses are inadequate. The theft of data from these company's could be damaging and irreversable depending on the sensevity of the information stolen.
Userlevel 6
So do we tay tuned for more credit card fraud?
 
If it isnt this one, the cybercriminals will come up with another one.
 
I agree with you @  and @ . Businesses need to get with the program and focus more resources to IT. 
Userlevel 7
The following article is a update on Pitty Tiger
 
("Pitty Tiger" Threat Actors Possibly Active Since 2008: FireEye)
 
 
By Eduard Kovacs on August 01, 2014 Researchers at FireEye have analyzed the operations of the advanced persistent threat (APT) group dubbed "Pitty Tiger," and determined that it might have been active since as far back as 2008.
The activities of the Pitty Tiger (PDF) group were first brought to light in mid-July by the cybersecurity unit at Airbus Defense & Space. Airbus researchers determined that the attackers, which are believed to be operating from China, have been active since at least 2011, but FireEye has found evidence to suggest that they've been targeting organizations for much longer.
http://www.securityweek.com/sites/default/files/National-Internet-ID.jpgAccording to the security firm, the threat group uses a combination of spear phishing emails, social engineering, email phishing pages, malware and other tools to accomplish their goals. The spear phishing emails analyzed by FireEye have been written in French, English and Chinese.
In a recent attack against a French company, the attackers sent out emails written in English and French that appeared to come from someone within the targeted organization. The malicious messages carried harmless-looking Microsoft Word documents that were set up to drop a first-stage payload, Backdoor.APT..gift (Troj/ReRol.A), by exploiting both old (CVE-2012-0158) and new (CVE-2014-1761) vulnerabilities affecting the Microsoft Office suite.
 
SecurityWeek/ Full Article Here/ http://www.securityweek.com/pitty-tiger-threat-actors-possibly-active-2008-fireeye
 

Reply