Hackers use the popular messenger logo for targeted attacks

© Provided by: Freenet SA Ekdotiki Etairia

Researchers from “Kaspersky Lab” have discovered a wave of targeted digital espionage attacks against a Central Asian diplomatic organization, using the “Octopus” trojan, which takes the form of a famous and legitimate online messenger.

Once “Octopus” is installed, it provides attackers with remote access to the victims’ computers.

Threat actors constantly look for current trends they can exploit and adapt their methods to compromise the privacy and sensitive information of users around the world. In this case, the possible ban on the widely used “Telegram Messenger” allowed threat actors to plan attacks using the “Octopus” trojan, which gives hackers remote access to the victim’s computer.

The threat actors distributed “Octopus” in a file disguised as an alternative version of “Telegram messenger” for Kazakhstan’s opposition parties. The launcher was disguised with a recognizable symbol of one of Kazakhstan’s opposition parties, and the trojan was hidden inside.

Once enabled, the trojan allows attackers to perform various operations on the data of infected computers, including, among others, deletion, blocking, editing, copying, and downloading. Thus, the attackers were able to spy on their victims, steal sensitive data, and gain access to the systems. The scheme has several similarities to a famous digital espionage campaign called “Zoo Park,” in which the malware used by the APT mimicked “Telegram messenger” to spy on victims.

Using an algorithm that recognizes similarities in software code, researchers have discovered that “Octopus” can be linked to the “DustSquad” group, a Russian-speaking threat actor previously detected in former USSR countries in Central Asia, as well as in Afghanistan, since 2014. In the last two years, researchers have detected four of its campaigns, with custom Android and Windows malware targeting both private users and diplomats.

“We have seen many threat actors targeting diplomatic organizations in Central Asia in 2018. DustSquad has worked in the region for several years and may be the team behind this new threat. Unfortunately, interest in digital attacks in this area is constantly increasing. With persistence, we advise organizations in the region to constantly check their security gaps and train their employees to do the same,” said Denis Legezo, a researcher from Kaspersky Lab.

 

Source: www.sofokleousin.gr
