Tag Archives: Social Engineering

Command and Control in the Cloud

In “Shadows in the Cloud: An investigation into cyber espionage 2.0” my co-authors and I analyzed the command and control infrastructure of a network that extracted secret, confidential and restricted documents from the Indian government and military. The Shadow Network used a complex and tiered command and control infrastructure that leveraged Twitter, Google Groups, Blogspot, [...]

Crime or Espionage? Part 2

In “Crime or Espionage Part 1” I examined a series of attacks that appear to be aimed at those interested in intelligence issues and those in the government and military. The malware used in these attacks was ZeuS and there are common command and control elements used in the attacks beginning in December 2009 and [...]

Malware Attacks on Solid Oak After Dispute with Greendam

The Malware Lab, of which Nart Villeneuve is a member, posted an analysis of the attacks on Solid Oak which occurred after researchers found significant portions of code from Solid Oak’s Cybersitter in China’s Greendam filtering software. Read the full post here.

“0day”: Civil Society and Cyber Security

The Infowar Monitor, of which SecDev is a partner, has published a briefing that explores cases in which there is some form of relationship between 0day exploits and their use against civil society organizations, in an effort to understand the effect of these attacks given the difficult nature of attribution. Summary: Civil society organizations [...]

Targeted Malware Attack on Foreign Correspondents based in China

The Infowar Monitor, of which SecDev is a partner, has published a short briefing detailing targeted malware attacks on foreign correspondents based in China. Key Findings: The content of the email, and the accompanying malicious attachment, are in well-written English and contain accurate information. The email details a reporter’s proposed trip to China to [...]