Difference between revisions of "Lights Out: Dragonfly is on the move"
Jump to navigation
Jump to search
(Created page with "{{Publication |Campaign=Dragonfly, Energetic Bear, |Year=2014 |Date=2014-07-21 |Editor=CyActive |Link=http://www.cyactive.com/lights-dragonfly-move/ |Author=Sariel Moshe, |Typ...") |
|||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
|Botnet=Havex, Oldrea, Karagany, SYSMain, | |||
|ExploitKit=LightsOut, Hello, | |||
|Campaign=Dragonfly, Energetic Bear, | |Campaign=Dragonfly, Energetic Bear, | ||
|Vulnerability=CVE-2012-1723, CVE-2013-2465, CVE-2012-4792, CVE-2013-1347, CVE-2013-2465, | |||
|Year=2014 | |Year=2014 | ||
|Date=2014-07-21 | |Date=2014-07-21 |
Latest revision as of 23:15, 18 July 2015
(Publication) Google search: [1]
Lights Out: Dragonfly is on the move | |
---|---|
Botnet | Havex, Oldrea, Karagany, SYSMain |
Malware | |
Botnet/malware group | |
Exploit kits | LightsOut, Hello |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | Dragonfly, Energetic Bear |
Operation/Working group | |
Vulnerability | CVE-2012-1723, CVE-2013-2465, CVE-2012-4792, CVE-2013-1347, CVE-2013-2465 |
CCProtocol | |
Date | 2014 / 2014-07-21 |
Editor/Conference | CyActive |
Link | http://www.cyactive.com/lights-dragonfly-move/ (Archive copy) |
Author | Sariel Moshe |
Type | Blogpost |
Abstract
“ A large, possibly state-backed operation named Dragonfly\Energetic Bear, which has been running since 2011, was recently discovered infecting US and European energy and Industrial Control System (ICS) equipment manufacturers. The operation reused both exploits and RAT’s in its attacks.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1731, editor = {CyActive}, author = {Sariel Moshe}, title = {Lights Out: Dragonfly is on the move}, date = {21}, month = Jul, year = {2014}, howpublished = {\url{http://www.cyactive.com/lights-dragonfly-move/}}, }