StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure

Bitdefender researchers have recently found the APT group StrongPity has been targeting victims in Turkey and Syria. Using watering hole tactics to selectively infect victims and deploying a three-tier C&C infrastructure to thwart forensic investig…

‘StrongPity’ hacking group does just enough to get around defenses

Rather than expend resources on creating fancy new tools, malicious hackers often do the bare minimum needed to breach their targets. That means that when researchers expose their malware, the groups tend to only slightly modify their code to keep it effective. The latest activity from an advanced persistent threat known as StrongPity is a prime example. After having its actions called out last year, StrongPity has come up with new malware samples it is using in a month-long, ongoing campaign against users in Turkey, according to research published Wednesday by AT&T Alien Labs. Although the code has been altered, the general attack method remains the same: go after users who download router management software to infect target organizations, and use the popular file archiver WinRAR for delivery. The spyware delivered to the organizations, which is also called StrongPity, hunts for documents on an infected network and lingers on, retaining […]

The post ‘StrongPity’ hacking group does just enough to get around defenses appeared first on CyberScoop.


Turkish, Egyptian ISPs help local government conduct massive spyware operation

Canadian researchers from human rights organization Citizen Lab uncovered a major computer espionage operation spreading across Turkey, Egypt and, indirectly, Syria. The operation, which started in 2017, is a nation-state-level network injection to del…