Saturday, June 23, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
FCC to Seek for Flexible Use of C-band and 6GHz Airwaves
AMD Presents Modular Routing Design for Chiplet-based Systems
Software Business Continues to Work For BlackBerry
Apple Turns to the U.S. Patent Office to Invalidate Qualcomm Patents
Samsung Patents Bezel-less, Notch-free Smartphone Design
China is Home to Most Smartphone Vendors
VidCon 2018: Youtube Announces Memberships, Merchandise as Alternatives to Ads
Chatting With Google Assistant Gets More Natural
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > F-Secur...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, September 17, 2015
F-Secure Identifies Malware Family Linked To Russian State-backed Cyber-espionage


Security firn F-Secure has released a new whitepaper commonly referred to as "the Dukes" - a well-resourced, highly dedicated, and organized cyber-espionage group that has been working for the Russian government since at least 2008 to collect intelligence in support of foreign and security policy decision-making.

The Dukes (sometimes also referred to as APT29) are known to employ a wide arsenal of malware toolsets including MiniDuke, CosmicDuke, OnionDuke, CozyDuke, SeaDuke, CloudDuke (aka MiniDionis), and HammerDuke.

The Dukes primarily target Western governments and related organizations, such as government ministries and agencies, political think tanks, and governmental subcontractors. Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organizations associated with Chechen extremism; and Russian speakers engaged in the illicit trade of controlled substances and drugs.

According to the report, the Dukes have engaged in apparently biannual large-scale spear-phishing campaigns against hundreds or even thousands of recipients associated with governmental institutions and affiliated organizations. These campaigns utilize a smash-and-grab approach involving a fast but noisy break-in followed by the rapid collection and exfiltration of as much data as possible. If the compromised target is discovered to be of value, the Dukes will quickly switch the toolset used and move to using stealthier tactics focused on persistent compromise and long-term intelligence gathering.

In addition to these large-scale campaigns, the Dukes continuously and concurrently engage in smaller, much more targeted campaigns, utilizing different toolsets. These targeted campaigns have been going on for at least 7 years. The targets and timing of these campaigns appear to align with the known foreign and security policy interests of the Russian Federation at those times.

The Dukes rapidly react to research being published about their toolsets and operations. However, the group (or their sponsors) value their operations so highly that though they will attempt to modify their tools to evade detection and regain stealth, they will not cease operations to do so, but will instead incrementally modify their tools while continuing apparently as previously planned.

In some of the most extreme cases, the Dukes have been known to engage in
campaigns with unaltered versions of tools that only days earlier have been brought to the public’s attention by security companies and actively mentioned in the media. In doing so, the Dukes show unusual confidence in their ability to continue successfully compromising their targets even when their tools have been publicly exposed, as well as in their ability to operate with impunity.




Previous
Next
PS4 Sales In China Limited by Local Censorship Rules        All News        Xbox 360 System Update Adds New Features
Fujitsu Achieves High Recognition Rate for Handwritten Chinese Characters     General Computing News      AMD, Mentor Graphics To Accelerate Development for x86 and ARM Environments

Get RSS feed Easy Print E-Mail this Message

Related News
FBI Says Reboot Your Router to Stop Malware Infecting 500k Devices
Roaming Mantis Malware Infects Smartphones Through Wi-fi Routers
ZooPark Android Malware Tracks all Your Phone Activities
U.S. Sanctions Russian Cyber Actors for Cyber-Attacks
Microsoft Launches $250,000 Security Bounty
Peer-to-peer App Kicked off Dofoil Coin Miner Outbreak
Telegram Messenger Vulnerability Spread Multipurpose Malware
U.S. Takes Down Cybercriminal Enterprise Responsible for More than $530 Million in Losses
Google Removed 700,000 Apps From Google Play in 2017
Fake Spectre and Meltdown Patch Pushes Malware
Malware Spread Through PornHub
Cloak and Dagger Security Hole in Android Discovered

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .