
Hackers improve their malware to better target embassy personnel


May 25, 2016

It looks like hackers have improved their malware to better target embassy personnel, says a Palo Alto Networks security team.

The so-called "Operation Ke3chang" campaign is using the TidePool malware, which it has quietly upgraded over recent years.

Internet security researchers Micah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn and Tom Keigher say the group has slipped under analysts' radar since 2013 and took the opportunity to hit Indian embassies around the globe.

"Despite going unreported since that time, Operation Ke3chang has not ceased operations and in fact continued developing its own malware," the so-called Unit 42 team says.

"TidePool has strong behavioral ties to Ke3chang and is being used in an ongoing attack campaign against Indian embassy personnel worldwide. We have uncovered its utilization against Indian Embassies indicating this is likely a high priority target as it has continued over multiple years," the team asserted.

The researchers say TidePool contains some common remote access trojan capabilities for remote compromise, allowing for read, write and deletion of various files and folders.

TidePool exploits a Microsoft Word vulnerability (CVE-2015-2545) that FireEye revealed in November of last year.

The security flaw in question centres on the processing of .eps files, which allows attackers to execute arbitrary code, among other things.

Source: Palo Alto Network Security.
