Advanced persistent threat (APT) groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success.

That’s according to Kaspersky’s most recent APT trends report for Q3 2020, which found that some groups are innovating and pushing technical boundaries, while others take a more low-tech approach, honing messaging around COVID, the elections and other headlines.

“While some threat actors remain consistent over time and simply look to use hot topics such as COVID-19 to entice victims to download malicious attachments, other groups reinvent themselves and their toolsets,” said Ariel Jungheit, senior security researcher at the Global Research and Analysis Team at Kaspersky. “The widening scope of platforms attacked, continuous work on new infection chains and the use of legitimate services as part of their attack infrastructure, is something we have witnessed over the past quarter.”

These divergent approaches were best represented by two groups in particular, according to the report: DeathStalker and MosaicRegressor.

DeathStalker

DeathStalker, the report said, has been successful using the same tactics since 2018 to target law firms and companies in the financial sector.

“The group’s interest in gathering sensitive business information leads us to believe that DeathStalker is a group of mercenaries offering hacking-for-hire services or acting as an information broker in financial circles,” according to the report.

But while this approach is focused more on messaging around headlines for phishing emails, the report added that a couple of technical developments to DeathStalker’s campaigns are worth noting.

“The activities of this threat actor first came to our attention through a PowerShell-based implant called Powersing.”