Security vendor coalition cleans 43,000 malware infections used for cyberespionage

  • 28 October 2014

See also Cyber Espionage Group Leverages at Least Ten Custom Tools in Attacks
 
By Lucian Constantin Oct 28, 2014
 
 
A coalition of security vendors has disrupted the activities of a sophisticated group of attackers tied to China that, over the past six years, infiltrated the computers of many Fortune 500 companies, journalists, environmental groups, software companies, academic institutions, pro-democracy groups and government agencies around the world.
 
The so-called “interdiction” effort was publicly announced earlier this month and targeted a cyberespionage group dubbed Axiom. It saw the participation of Novetta, Cisco Systems, Microsoft, FireEye, F-Secure, iSight Partners, Symantec, Tenable Network Security, ThreatConnect, ThreatTrack Security and Volexity.
 
 
So far the vendors’ disruptive action called Operation SMN resulted in the removal of 43,000 instances of malicious tools installed by the Axiom attackers on compromised computers, according to a full report published Monday by Novetta, the data analytics firm that led the coalition.
 
 

2 replies

  
Earlier this month, Novetta took their initial public action in the first Coordinated Malware Eradication (CME) campaign against Win32/Hikiti and its associated threats.
Today, Novetta released a comprehensive report that describes in detail the threats and threat actors, known as Axiom, targeted in this campaign.
http://blogs.technet.com/b/mmpc/archive/2014/10/27/novetta-leads-first-coordinated-malware-eradication-campaign.aspx

http://www.isightpartners.com/2014/10/operation-smn-axiom-group/
 
Earlier today (Tuesday, October 28th) iSIGHT Partners proudly participated in the public disclosure of threat intelligence on a prolific Chinese Cyber Espionage group. This disclosure included the sharing of technical indicators which can be used to determine the potential of compromise, as well as detail on the tactics, techniques and procedures of this group which can be used to inform better security decisions. This release was made as part of a coalition of security vendors, security researchers and major technology companies called “Operation SMN” which was announced on October 14th. The effort was led by Novetta and Microsoft and is the first joint effort under Microsoft’s Coordinated Malware Eradication program.

By Sara Peters / Posted on 10/28/2014
 
Novetta, Microsoft, and others form Operation SMN to eradicate Hikit malware and disrupt the cyber espionage gang Axiom's extensive information gathering.
 A coalition of security companies has hit a sophisticated hacking group in China with a heavy blow. The effort is detailed in a report released today by Novetta. The coalition, which calls itself Operation SMN, detected and cleaned up malicious code on 43,000 computers worldwide that were targeted by Axiom, an incredibly sophisticated organization that has been stealing intellectual property for more than six years.
This effort was led by Novetta and included Bit9, Cisco, FireEye, F-Secure, iSIGHT Partners, Microsoft, Tenable, ThreatConnect Intelligence Research Team (TCIRT), ThreatTrack Security, Volexity, and other unnamed organizations. Operation SMN is working independently of law enforcement or intelligence agencies. The group united as part of Microsoft's Coordinated Malware Eradication (CME) campaign against Hikit (a.k.a. Hikiti), the custom malware often used by Axiom to burrow into organizations, exfiltrate data, and evade detection, sometimes for years.
 
 