Articles about cyberespionage

Kaspersky Lab reveals Duqu 2.0 attack ON ITSELF during Iran nuke talks

Kaspersky Lab has unearthed an attack on its corporate network which hit high profile victims in several Western, Middle East and Asian nations, including covert surveillance attempts during the ongoing Iranian nuclear talks. The Duqu 2.0 malware platform associated with the attacks was exploiting up to three zero-day …
John Leyden, 10 Jun 2015

High-level, state-sponsored Naikon hackers exposed

The activities of yet another long-running apparently state-sponsored hacking crew have finally been exposed. The Naikon cyber-espionage group has been targeting government, military and civil organisations around the South China Sea for at least five years, according to researchers at Kaspersky Lab. The Naikon attackers …
John Leyden, 18 May 2015

CozyDuke hackers targeting prominent US targets

A newly discovered group of cyber-spies are closely targeting high profile US targets, possibly including both the White House and the State Department. The so-called CozyDuke hackers make extensive use of spear-phishing, sometimes using emails containing a link to a hacked (otherwise legitimate) website such as "diplomacy.pl …
John Leyden, 22 Apr 2015

Babar the Elephant: Another malware plague with a cute name

A strain of French-language cyber-espionage malware spotted by infosec researchers shows that the NSA aren't the only spook agency brewing custom nasties to steal sensitive data. Babar was first mentioned in documents from Canadian intel agency CSEC (Communications Security Establishment Canada) leaked by Edward Snowden. They …
John Leyden, 19 Feb 2015

State Dept shuts off unclassified email after hack. Classified mail? That's CLASSIFIED

The State Department has suspended its unclassified email system in response to a suspected hacking attack. The unprecedented shutdown on Friday was reportedly applied to give technicians an opportunity to repair possible damage, as well as to apply security improvements. A senior department official said possible problems …
John Leyden, 17 Nov 2014

UK's a very popular target for EMEA cyberspies – report

Malware attacks, especially in Europe, nearly doubled in the first half of 2014, according to a new report. Government, financial services, telecommunications and energy were the most targeted sectors – collectively making up more than half of attacks detected by security vendor FireEye. The UK (17 per cent) followed by …
John Leyden, 17 Oct 2014

FireEye, Microsoft, Cisco team up to take down RAT-flinging crew

Security vendors have teamed up to fight a prolific cyber-espionage group thought to be based in China. The hacking crew has been targeting finance, education, government, policy groups and think tanks for around four years since 2010. One of its main tools is Moudoor, a derivative of the infamous Gh0st RAT (remote access tool …
John Leyden, 15 Oct 2014

Israeli spies rebel over mass-snooping on innocent Palestinians

Israeli politicians and a former military intelligence commander have hit back at reservists who criticized Israel for spying on ordinary Palestinians. Last week, 43 Israeli military intelligence reservists signed a letter refusing to serve in the occupied Palestinian territories over fears snoops were planning to blackmail …
John Leyden, 16 Sep 2014

New software ported from Windows to Mac! You'll never guess what. Yes, it's spyware

Miscreants have ported five-year-old spyware XSLCmd to OS X. The Windows version of the malware has been around since 2009, and the Apple Mac edition of XSLCmd shares significant portions of the same code. It can open a reverse shell to its masters, automatically transfer your documents to a remote system, install executables …
John Leyden, 5 Sep 2014

Major cyber attack hits Norwegian oil industry

More than 50 Norwegian oil and energy companies have been hacked by unknown attackers, according to government security authorities. A further 250 firms have been advised by the Norwegian government that they ought to check their networks and systems for evidence of a breach, The Local reports. State-owned Statoil, Norway's …
John Leyden, 27 Aug 2014

Chinese hackers spied on investigators of Flight MH370 - report

Malaysian officials investigating the disappearance of flight MH370 have been targeted in a hacking attack that resulted in the theft of classified material. The malware-based hacking attack hit around 30 PCs assigned to officials in Malaysia Airlines, the Civil Aviation Department and the National Security Council, a …
John Leyden, 21 Aug 2014

New NSA boss plays down impact of Snowden leaks

Incoming NSA chief Admiral Michael Rogers has played down the impact of the Snowden revelations on the spy agency's work. Former NSA director, General Keith Alexander, described the Snowden leaks as one of the worst breaches in intelligence history. UK spy agency bosses at GCHQ and MI6 told a Parliamentary inquiry back in …
John Leyden, 1 Jul 2014

Attackers fling Stuxnet-style RATs at critical control software in EUROPE

Security researchers have uncovered a series of Trojan-based attacks which have infiltrated several targets by infecting industrial control system software from the makers of SCADA and ICS systems. The majority of the victims are located in Europe, though at the time of writing at least one US firm's compromised gear appears …
John Leyden, 26 Jun 2014

Security researchers uncover three-year-old 'RUSSIAN SPYware'

Security researchers have discovered a complex and sophisticated piece of data-stealing malware they suggest may well be the work of state-sponsored hackers in Russia. The Uroburos rootkit, named after a mythical serpent or dragon that ate its own tail – and a sequence of characters concealed deep within the malware’s code ( …
John Leyden, 4 Mar 2014

Spies spy: CrowdStrike report says cyberspooks are EVERYWHERE

CrowdStrike has confirmed that governments across the world are spying on everyone online with a new report on cyber-espionage. A year-long study by the security intelligence firm has identified more than 50 groups of cyber threat actors, blaming groups in China, Iran, Russia, North Korea, and Syria for high profile attacks. …
John Leyden, 23 Jan 2014

Cyberspies blast Icefog into US targets' backdoors

Miscreants behind a cyberespionage campaign have changed their methods to take advantage of Java-based malware. The Icefog APT (advanced persistent threat), discovered in September 2013, continues to be a problem, this time utilising a Java backdoor, according to the latest analysis of the threat by security researchers at …
John Leyden, 15 Jan 2014

JUST LIKE US: Hackers who work for gov seem almost... ORGANISED

State-sponsored hackers are looking less like traditional hacking crews and more like military units as they share infrastructure and adopt strict hierarchies, according to new research. Infosec firm FireEye has identified links between 11 APT campaigns, including use of the same malware tools, shared code, binaries with the …
John Leyden, 14 Nov 2013

Spies launch hack attacks on Mongolia... to see who its friends are – report

Cyber-spies are targeting Mongolian businesses and government agencies to keep the attackers "aware" of the land-locked country's relationships with "Western influences" like the US and the European Union, according to a recent report. Cyber Squared’s ThreatConnect Intelligence Research Team (TCIRT) blames a "state-sponsored" …
John Leyden, 11 Oct 2013


Biting the hand that feeds IT © 1998–2018