Oil and Gas Firms Targeted By New LYCEUM Threat Group

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,171
Content source
https://threatpost.com/oil-and-gas-firms-targeted-by-new-lyceum-threat-group/147705/
Researchers have identified a never-before-seen threat group targeting Middle East critical infrastructure organizations with novel malware, sent via spearphishing emails.

The threat group, LYCEUM, was observed in 2019 sending spear phishing emails harboring malicious Microsoft Excel attachments to oil and gas companies. When clicked, the attachments downloaded a newly-discovered malware called DanBot, which subsequently deploys post-intrusion tools to spread across the impacted company’s network, steal credentials and other account information and capture keystrokes on impacted systems.

“LYCEUM appears to have been operating for over a year without detection and it was intriguing to discover a new group with a similar style to established Iranian threat groups, but otherwise no distinguishing technical characteristics that allow it to be linked to previously documented activity,” Rafe Pilling, senior security researcher at Secureworks Counter Threat Unit, told Threatpost.
Click to expand...
Read more below:
threatpost.com

New Threat Group Found Targeting Critical Infrastructure Firms With Spear

Researchers have identified a new threat group targeting critical infrastructure organizations primarily in the Middle East with spear phishing emails. The threat group, LYCEUM, has been observed in several campaigns in 2018 and 2019 sending spearphishing emails with malicious Excel documents...
threatpost.com threatpost.com
www.secureworks.com

Cyber Threat Group LYCEUM Takes Center Stage in Middle East Campaign

The previously unobserved LYCEUM threat group targeted critical infrastructure organizations without being detected for more than 12 months.
www.secureworks.com www.secureworks.com
 
  • Like
  • +Reputation
Reactions: Venustus, catjc, upnorth and 1 other person
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
Lyceum APT Returns, This Time Targeting Tunisian Firms
Replies
0
Views
547
News Archive
silversurfer
silversurfer
vtqhtr413
    • +Reputation
    • Like
Novel Spy Group Targets Telecoms in 'Precision-Targeted' Cyberattacks
Replies
0
Views
596
News Archive
vtqhtr413
vtqhtr413
[correlate]
    • Like
    • Wow
Iran's Lyceum Hackers Target Telecoms, ISPs in Israel, Saudi Arabia, and Africa
Replies
0
Views
904
News Archive
[correlate]
[correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top