Thursday, September 17, 2015
F-Secure Identifies Malware Family Linked To Russian State-backed Cyber-espionage


Security firm F-Secure has released a new whitepaper on the group commonly referred to as "the Dukes" - a well-resourced, highly dedicated, and organized cyber-espionage group that has been working for the Russian government since at least 2008 to collect intelligence in support of foreign and security policy decision-making.

The Dukes (sometimes also referred to as APT29) are known to employ a wide arsenal of malware toolsets including MiniDuke, CosmicDuke, OnionDuke, CozyDuke, SeaDuke, CloudDuke (aka MiniDionis), and HammerDuke.

The Dukes primarily target Western governments and related organizations, such as government ministries and agencies, political think tanks, and governmental subcontractors. Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organizations associated with Chechen extremism; and Russian speakers engaged in the illicit trade of controlled substances and drugs.

According to the report, the Dukes have engaged in apparently biannual large-scale spear-phishing campaigns against hundreds or even thousands of recipients associated with governmental institutions and affiliated organizations. These campaigns utilize a smash-and-grab approach involving a fast but noisy break-in followed by the rapid collection and exfiltration of as much data as possible. If the compromised target is discovered to be of value, the Dukes will quickly switch the toolset used and move to using stealthier tactics focused on persistent compromise and long-term intelligence gathering.

In addition to these large-scale campaigns, the Dukes continuously and concurrently engage in smaller, much more targeted campaigns, utilizing different toolsets. These targeted campaigns have been going on for at least 7 years. The targets and timing of these campaigns appear to align with the known foreign and security policy interests of the Russian Federation at those times.

The Dukes react rapidly to research being published about their toolsets and operations. However, the group (or its sponsors) values its operations so highly that, although it will modify its tools to evade detection and regain stealth, it does not pause operations to do so; instead it incrementally modifies its tools while continuing apparently as previously planned.

In some of the most extreme cases, the Dukes have been known to engage in campaigns with unaltered versions of tools that only days earlier had been brought to the public's attention by security companies and actively mentioned in the media. In doing so, the Dukes show unusual confidence in their ability to continue successfully compromising their targets even when their tools have been publicly exposed, as well as in their ability to operate with impunity.
CDRINFO.COM 1998-2017 - All rights reserved