VRB News
Virtual Reality Brisbane

Kaspersky Lab has identified a cyber-espionage campaign against industrial enterprises

by admin
October 10, 2020
in IT news

Alexandrov | 09.10.2020

A set of malicious modules called MontysThree has been discovered. It has existed since at least 2018 and is intended for targeted attacks on industrial enterprises.

It uses techniques that help it avoid detection, including communicating with the command-and-control server through public cloud services and steganography.

MontysThree consists of four modules. The attack begins with the distribution of the downloader through phishing, in self-extracting archives. The file names in such archives may relate to staff contact lists, technical documentation or medical test results. The loader decrypts the main malicious module from a bitmap image in which it is hidden with steganography. A specially developed algorithm is used for this.

The main malicious module uses several encryption algorithms to avoid detection, mainly RSA for communication with the control server and to decrypt configuration data. This XML-based configuration data describes the malware's tasks: searching for documents with specified extensions in specified directories and on removable media. This information showed that the MontysThree operators are interested in Microsoft Office and Adobe Acrobat documents.

In addition, the modules can take screenshots of the desktop and determine whether the victim is of interest to the operators by analyzing its network and local settings, and so on. This information is encrypted and transferred to public cloud services (Google Drive, Microsoft OneDrive, Dropbox), which are also used to receive new files.

MontysThree also uses a simple method to persist in the system: the Windows Quick Launch toolbar. Without knowing it, users run the malware's primary module every time they open legitimate applications, such as browsers, from this panel.
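A defender can review the Quick Launch persistence described above by listing every shortcut in the current user's Quick Launch folder with its real target and arguments. The PowerShell below is an added example, not part of the original article or of Kaspersky's research; the function name and the triage heuristics (proxy binaries, user-writable paths) are assumptions chosen for illustration, not published MontysThree indicators.

```powershell
# Added example: audit Quick Launch shortcuts for unexpected targets.
# Heuristics are assumptions for triage; a flagged entry needs review, it is not a verdict.
function Get-QuickLaunchShortcutAudit {
    param(
        [string]$Path = (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')
    )
    # Script hosts and proxy-execution binaries a browser shortcut should not point at.
    $proxyHosts = 'cmd.exe','powershell.exe','pwsh.exe','wscript.exe','cscript.exe',
                  'mshta.exe','rundll32.exe','regsvr32.exe'
    # User-writable roots; some legitimate per-user installs also live here.
    $writableRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC) |
        Where-Object { $_ }

    $shell = New-Object -ComObject WScript.Shell
    Get-ChildItem -LiteralPath $Path -Filter '*.lnk' -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $lnk     = $shell.CreateShortcut($_.FullName)   # opens the existing .lnk read-only
            $target  = $lnk.TargetPath
            $reasons = @()
            if (-not $target) {
                $reasons += 'no file target (shell item or unresolved)'
            } else {
                if ($proxyHosts -contains (Split-Path $target -Leaf)) {
                    $reasons += 'target is a script host or proxy binary'
                }
                foreach ($root in $writableRoots) {
                    if ($target.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) {
                        $reasons += "target under user-writable path $root"
                        break
                    }
                }
                if (-not (Test-Path -LiteralPath $target)) {
                    $reasons += 'target file does not exist'
                }
            }
            [pscustomobject]@{
                Shortcut  = $_.FullName
                Target    = $target
                Arguments = $lnk.Arguments
                Modified  = $_.LastWriteTime
                Reasons   = $reasons -join '; '
            }
        }
}

# Most recently modified shortcuts first: a changed browser shortcut stands out here.
Get-QuickLaunchShortcutAudit | Sort-Object Modified -Descending | Format-List
```

The `-Recurse` switch also covers the `User Pinned\TaskBar` subfolder, so pinned taskbar shortcuts are included in the same listing.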

The experts found no similarities between this malicious code and code from other targeted campaigns.

“Attacks using the MontysThree tools stand out not only because they are focused on industrial enterprises (this is not unique, but they are not the most popular targets for targeted attacks), but also because of their combination of advanced and amateur tactics and methods. The level of technical solutions in this set of tools varies considerably. The MontysThree developers use modern, reliable cryptographic standards and customized steganography. The level of development is not as high as for the major APT players, but the authors put a lot of effort into making this set of tools and continue to develop it, so we assume that they have well-defined objectives and the campaign is short,” says Denis Legato, senior cybersecurity expert at Kaspersky Lab.

information security, cyber espionage, corporate information security

VRB News is ready to cooperate with webmasters and content creators. Send an email to info@virtualrealitybrisbane.com

© 2023 - The project has been developed ServReality
