Business Under Attack by New Cyber Espionage Campaign

The Counter Threat Unit of Dell Secure Works has uncovered a cyber espionage campaign targeting several companies two of which are in the energy sector. The new campaign was nicknamed Mirage by the group which has been tracking it since April of this year. The name was chosen because the campaign uses the RAT (remote Trojan access) named Mirage that is spread through spearphishing emails. The CTU has identified the victims of the campaign as an energy firm in Canada, an oil company in the Philippines, a military organization in Taiwan and some still unidentified targets in Brazil, Nigeria, Egypt and Israel.

photo credit: virusinformatico.net

This new campaign is the second one that Dell Secure Works has uncovered this year. The first one was called Sin Digoo which targeted petroleum companies in Vietnam, government ministries in various countries, an embassy, a nuclear safety facility and other business groups. It is believed that both campaigns are works of the same group or, whoever is responsible for Mirage is working closely with the group behind Sin Digoo. The Mirage campaign is coming from three control and command domain names owned by someone who has the same email addresses as the owner of C & C domains used in the Sin Digoo campaign. The IP addresses of these C & Cs belong to the China Beijing Province Network, an outfit that is notorious for connections to malware and espionage.

Dexter Panganiban https://techathand.net/about-2/

Dexter is a person who loves technology,new gadget, SEO, Social Media and Christianity. Follow him at twitter via @techathand and add him @ Google+ and contact us at admin@techathand.net

You May Also Like

More From Author

+ There are no comments

Add yours

This site uses Akismet to reduce spam. Learn how your comment data is processed.