Security researchers at
Norman have uncovered a large-scale malware and cyber-espionage
operation believed to be related to high-profile attacks and government
system breaches.
Known as Hangover, the attack is believed
to have originated in India and is said to be a highly sophisticated
and professional operation. The attack is not, however, believed to be a
state-sponsored operation but rather an act of a private-sector group.
“It has likely been in operation for over
three years, primarily as a platform for surveillance against targets
of national security interest that are mostly based in Pakistan and
possibly in the United States,” the researchers said.
“It is also used for industrial espionage against the Norwegian telecom corporation Telenor and other civilian corporations.”
The Hangover operation is said to include
targeted attacks on organisations in the UK, Germany, Austria, China
and Thailand, amongst other countries in Europe, Asia and the Middle
East. Researchers believe that the attacks are primarily targeted
operations in which high-profile users are infected with spear-phishing
attacks that give the malware operators network access.
Most notably, the attack was found to be connected to a mysterious malware outbreak found targeting OS X systems.
The attack, first uncovered by researchers at a privacy convention in
Oslo, Norway, was found on the Macbook of a delegate from Africa. Norman
also believes that the operation is using mobile malware that has yet
to be formally discovered and classified.
Researchers noted that the Hangover
attack could prove monumental in its indication that private groups,
rather than state-sponsored hacking organisations, are now running
highly sophisticated targeted attack and intelligence-gathering
operations.
“All indications point to private
syndicates of threat actors following their own motivations,” the
researchers wrote. “With no direct evidence of state sponsorship by the
Indian government or by any other nation.”
No comments:
Post a Comment