This sneaky hacking group hid inside networks for 18 months without being detected

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.zdnet.com/article/this-sneaky-hacking-group-hid-inside-networks-for-18-months-without-being-detected/
Group exploits IoT vulnerabilities and legitimate Windows functions to snoop on emails and servers, say researchers.

A previously undisclosed cyber-espionage group is using clever techniques to breach corporate networks and steal information related to mergers, acquisitions and other large financial transactions – and they've been able to remain undetected by victims for periods of more than 18 months.

Detailed by cybersecurity researchers at Mandiant, who've named it UNC3524, the hacking operation has been active since at least December 2019 and uses a range of advanced methods to infiltrate and maintain persistence on compromised networks that set it apart from most other hacking groups. These methods include the ability to immediately re-infect environments after access is removed. It's currently unknown how initial access is achieved.

One of the reasons UNC3524 is so successful at maintaining persistence on networks for such a long time is because it installs backdoors on applications and services that don't support security tools, such as anti-virus or endpoint protection.
Click to expand...
 
  • Like
  • Thanks
Reactions: dinosaur07, Sorrento, Nevi and 4 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
byronbytes said:
Which corporation did they hack? This sounds interesting.
Click to expand...
Good question, but I couldn't find any specific named corporations other than what services was abused. It's pretty common in these types of reports because it's many times clients or customers to these security companies.

I do recommend try read the whole report. The part of hacked security cameras and their use was interesting.
 
  • Like
  • Wow
Reactions: Sorrento, Nevi, Venustus and 3 others
You must log in or register to reply here.

Similar threads

upnorth
    • Like
    • +Reputation
Critical Barracuda 0-day used to Backdoor Networks for 8 Months
Replies
5
Views
3,563
News Archive
[correlate]
[correlate]
vtqhtr413
    • Like
Cybercriminals Target Telecom Provider Networks
Replies
0
Views
469
News Archive
vtqhtr413
vtqhtr413
Gandalf_The_Grey
    • +Reputation
    • Like
    • Wow
Hackers infect TP-Link router firmware to attack EU entities
Replies
6
Views
2,064
News Archive
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top