- Sputnik International

Nuclear, Defense, Energy Companies Target of Latest Global Hack

In a new global campaign dubbed “Operation Sharpshooter,” an unknown hacking group is infiltrating dozens of companies around the world with malicious software, cybersecurity firm McAfee reported Wednesday.

According to a December 12 blog post by McAfee, the global hack had nuclear, defense, energy and financial companies in the crosshairs. Between October and November, the hacking group targeted people at 87 companies through social media by sending them what appeared to be "recruitment" messages to lure them into clicking on malicious documents. 

"This campaign, Operation Sharpshooter, leverages an in-memory implant to download and retrieve a second-stage implant — which we call Rising Sun — for further exploitation. According to our analysis, the Rising Sun implant uses source code from the Lazarus Group's 2015 backdoor Trojan Duuzer in a new framework to infiltrate these key industries," the McAfee blog post states, referencing Lazarus Group, a cybercrime group that may be linked to North Korea.

Once the Rising Sun program was installed on a computer, hackers were able to obtain access to usernames, IP addresses, network configuration and system settings data.

"This actor has used recruiting as a lure to collect information about targeted individuals of interest or organizations that manage data related to the industries of interest," McAfee reported, adding that the malware contains a "weaponized macro to download the next stage, which runs in memory and gathers intelligence." The victim's data is then transferred to a control server.

"Operation Sharpshooter's numerous technical links to the Lazarus Group seem too obvious to immediately draw the conclusion that they are responsible for the attacks, and instead indicate a potential for false flags," the blog post adds. 

In 2016, Lazarus Group was believed to be involved in the theft of $1 billion from the Bangladesh Bank, which FBI investigators called "the biggest cyber-heist in history," Sputnik previously reported.

In addition, the US Department of Justice believes Lazarus Group was behind the 2014 cyberattack on Sony Pictures Entertainment, in which confidential data about Sony employees and their families, correspondence between employees, information about salaries at the company and copies of then-unreleased Sony films were stolen and released to the public.

In 2017, Lazarus Group allegedly spread the WannaCry 2.0 virus, which affected more than 230,000 people in 150 countries. The cyberattack targeted computers running the Microsoft Windows operating system by encrypting user data and then demanding ransom money in the form of bitcoin cryptocurrency in exchange for decrypting the target's files.
