Targeted information stealing attacks in South Asia use email, signed binaries
Jump to navigation
Jump to search
(Publication) Google search: [1]
Targeted information stealing attacks in South Asia use email, signed binaries | |
---|---|
Botnet | HangOver |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2013 / 2013-05-16 |
Editor/Conference | ESET |
Link | http://www.welivesecurity.com/2013/05/16/targeted-threat-pakistan-india/ (Archive copy) |
Author | Jean-Ian Boutin |
Type | Blogpost |
Abstract
“ In the past few months, we have analyzed a targeted campaign that tries to steal sensitive information from different organizations throughout the world, but particularly in Pakistan. During the course of our investigations we uncovered several leads that indicate this threat has its origin in India and has been going on for at least two years. The journey began with a code-signing certificate and an exploit and the scope of the investigation has widened ever since. In this blog post, we will highlight several interesting artifacts of the campaign, but more will be revealed in my upcoming presentation at the 7th International CARO Workshop in mid-May.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1330, editor = {ESET}, author = {Jean-Ian Boutin}, title = {Targeted information stealing attacks in South Asia use email, signed binaries}, date = {16}, month = May, year = {2013}, howpublished = {\url{http://www.welivesecurity.com/2013/05/16/targeted-threat-pakistan-india/}}, }