Shadow Brokers data dump tipped researchers off to a mysterious APT dubbed DarkUniverse

Clues about a hacking group that carried out attacks against targets in countries including Syria, Iran and Russia were included in files leaked by a mysterious group known as the Shadow Brokers, according to new findings. Researchers from the security vendor Kaspersky published a report Tuesday detailing an advanced persistent threat (APT) group the company has dubbed DarkUniverse. Documents published in 2017 by the Shadow Brokers — an elusive group that publicly disseminated NSA hacking tools — included a script that checked for other hacking groups lurking in a compromised system. DarkUniverse was among the groups the script could check for. The DarkUniverse group hit victims in Afghanistan, Tanzania, Ethiopia, Belarus and the United Arab Emirates, along with more common targets like Russia, Iran and Syria. All told, the APT group breached “around” 20 victims ranging from military agencies to private sector organizations like telecommunication firms, and medical institutions. “We believe […]

The post Shadow Brokers data dump tipped researchers off to a mysterious APT dubbed DarkUniverse appeared first on CyberScoop.
