Lights Out: Dragonfly is on the move
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Lights Out: Dragonfly is on the move | |
|---|---|
| Botnet | Havex, Oldrea, Karagany, SYSMain |
| Malware | |
| Botnet/malware group | |
| Exploit kits | LightsOut, Hello |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | Dragonfly, Energetic Bear |
| Operation/Working group | |
| Vulnerability | CVE-2012-1723, CVE-2013-2465, CVE-2012-4792, CVE-2013-1347, CVE-2013-2465 |
| CCProtocol | |
| Date | 2014 / 2014-07-21 |
| Editor/Conference | CyActive |
| Link | http://www.cyactive.com/lights-dragonfly-move/ (Archive copy) |
| Author | Sariel Moshe |
| Type | Blogpost |
Abstract
“ A large, possibly state-backed operation named Dragonfly\Energetic Bear, which has been running since 2011, was recently discovered infecting US and European energy and Industrial Control System (ICS) equipment manufacturers. The operation reused both exploits and RAT’s in its attacks.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1731,
editor = {CyActive},
author = {Sariel Moshe},
title = {Lights Out: Dragonfly is on the move},
date = {21},
month = Jul,
year = {2014},
howpublished = {\url{http://www.cyactive.com/lights-dragonfly-move/}},
}