Kaspersky Lab Exposes the Poseidon Group
A Commercial Malware Boutique Operating on Land, Air and Sea
The information gathered is then leveraged by a fronting business to manipulate victim companies into contracting the Poseidon Group as a security consultant, under the threat that the stolen information will be exploited in a series of shady business deals to benefit Poseidon.
"The Poseidon Group is a long-standing team operating on all domains: land, air and sea. Some of its command and control centers have been found inside ISPs providing Internet service to ships at sea, wireless connections as well as those inside traditional carriers," said Dmitry Bestuzhev, Director, Global Research and Analysis Team, Kaspersky Lab Latin America. "In addition, several of its implants were found to have a very short life span which contributed to this Group being able to operate for such a long time without being detected."
As the Poseidon Group has been active for at least ten years, the techniques used to design its implants have evolved, making it hard for many researchers to correlate indicators and put all of the pieces together. However, by carefully collecting all the evidence, working with the threat actor's calligraphy and reconstructing the attacker's timeline, Kaspersky Lab experts were able to establish by the middle of 2015 that previously detected but unidentified traces in fact belonged to the same threat actor, the Poseidon Group.
Kaspersky Lab's products detect and remove all known versions of Poseidon Group components.
To read the full report on the Poseidon Group, with a detailed description of the malicious tools and stats together with indicators of compromise, see Securelist.com.
Learn how sophisticated targeted attacks are investigated: http://www.youtube.com/watch?v=FzPYGRO9LsA
More about cyberespionage operations here: https://apt.securelist.com/
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab's deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at http://www.kaspersky.co.uk.
Editorial Contact:
Berkeley PR
Lauren White
kasperskylab@berkeleypr.co.uk
+44(0)118-909-0909
1650 Arlington Business Park
RG7 4SA, Reading
Kaspersky Lab UK
Stephanie Fergusson
Stephanie.Fergusson@kasperskylab.co.uk
+44(0)7714107292
2 Kingdom Street
W2 6BD, London