Cylance Report Reveals Malware and Tactics of OceanLotus Group and Weakness of Traditional AV

Exploits and attackers come in various forms. Just like crime in real life, there are vandals and people just trying to wreak havoc, there are petty thieves and lone wolf criminals, and there is organized crime—crime families that make a career o…

Vietnamese hackers appear to be researching an NSA backdoor tool

A hacker group with suspected ties to the Vietnamese government appears to be researching a leaked National Security Agency tool codenamed ODDJOB, based on documents uploaded to the repository VirusTotal and tied to a source already identified as the OceanLotus group, otherwise known as APT32. A classified user manual for ODDJOB was originally published on April 14 by the Shadow Brokers, a mysterious group known for sharing NSA documents. A copy of this same document was then uploaded April 17 to VirusTotal along with other malicious email attachments by OceanLotus. Multiple U.S. cybersecurity firms say OceanLotus is aligned with the interests of the Vietnamese government. The specific version of the manual uploaded by OceanLotus was not weaponized, meaning it didn’t carry malware that could be used to convert the harmless PDF to a phishing lure. ODDJOB is a high-quality, masterfully engineered digital weapon believed to have been once used to help […]

The post Vietnamese hackers appear to be researching an NSA backdoor tool appeared first on Cyberscoop.
