Wednesday September 18, 2019
Home Lead Story McAfee Discov...

McAfee Discovers Cyber-spy Campaign Using Code From Chinese Group

As for implications and impact, these attacks may be a precursor to a much larger attack given the control the attackers have over their infected victims, McAfee said

0
//
McAfee
Sensitive data in Cloud more exposed than organisations think: McAfee. IANS

Global cybersecurity firm McAfee on Thursday said it discovered a new cyber espionage campaign which reused source code from the hacker group APT1, or Comment Crew, a Chinese military-affiliated group accused of launching cyber-attacks on more than 141 US companies from 2006 to 2010.

The new campaign, dubbed Operation Oceansalt, is targeting South Korea, Canada and the US, McAfee said in a report released in its cybersecurity summit “MPOWER 2018” here.

The actors of this new campaign have not been identified.

However, the report suggests that the development of the Oceansalt implant would not have been possible unless the actors behind it had direct access to Comment Crew’s 2010 Seasalt source code.

“This research represents how threat actors are continuously learning from each other and building upon their peers’ greatest innovations,” Raj Samani, Chief Scientist at McAfee, said in a statement.

McAfee found that Oceansalt was launched in five attack “waves” adapted to its targets.

Logo of McAfee
Logo of McAfee, flickr

The first and second waves of the attack were spearfishing based and began with a malicious Korean-language Microsoft Excel document created and saved in May 2018, acting as downloaders of the implant.

A third round of malicious documents, this time in Microsoft Word, carried the same metadata and author as the Excel documents.

The Word document contained fake information related to the financials of the Inter-Korean Cooperation Fund. Waves four and five identified a small number of targets outside of South Korea – including the US and Canada – as the attackers expanded their scope.

Also Read- Latest Football Results At 777score

As for implications and impact, these attacks may be a precursor to a much larger attack given the control the attackers have over their infected victims, McAfee said.

Oceansalt gives the attackers full control of any system they manage to compromise and the network to which it is connected. Given the potential collaboration with other threat actors, considerably more assets are open and available to act upon, the report said. (IANS)

Next Story

McAfee Announces Acquisition of Cloud Security Startup NanoSec for An Undisclosed Sum

The acquisition of NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products

0
McAfee, Cloud, Security
Founded by Chief Executive Officer Vishwas Manral in 2015, NanoSec has its offices in Bengaluru and California. Pixabay

Global cyber security firm McAfee on Friday announced the acquisition of cloud security startup NanoSec for an undisclosed sum.

Founded by Chief Executive Officer Vishwas Manral in 2015, NanoSec has its offices in Bengaluru and California.

The acquisition of NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products, giving its customers the ability to speed up application delivery while enhancing governance, compliance and security of their hybrid, multi-cloud deployments, McAfee said.

NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings.

McAfee, Cloud, Security
Global cyber security firm McAfee on Friday announced the acquisition of cloud security startup NanoSec for an undisclosed sum. Pixabay

These capabilities include continuous configuration compliance and vulnerability assessment as well as runtime application-level segmentation for detecting and preventing lateral movement of threats.

“NanoSec’s team brings a wealth of experience to McAfee, and together we are committed to enabling organizations to reach their full cloud potential,” said Rajiv Gupta, Senior Vice President and General Manager of the cloud security business unit, McAfee.

Also Read-Reliance Industries (RIL) to Bring Tiffany & Company to India

“Joining forces with McAfee means that our groundbreaking capabilities including our unique application-identity based approach for app-level protection and micro-segmentation will be available on a global scale,” said Vishwas Manral, founder and CEO of NanoSec.  (IANS)