CompaniesFeaturedIT SecuritySecuritySoftwareSouth AfricaTechnology

Increased threat of IT supply chain attacks

JOHANNESBURG – RESEARCHERS have discovered a series of attacks by a new malware, supposedly developed by the infamous OilRig Advanced Persistent Threat (APT) group active in the Middle East and Turkiye for over a decade.

The group is known for targeting high-profile government entities across Africa, the Middle East and Turkiye for cyber espionage purposes.

Kaspersky Researchers have announced the discovery.

The OilRig APT commonly uses social engineering tactics, exploits software and technical vulnerabilities within their victims.

However, Kaspersky experts noticed the group has updated their arsenal, resorting to persistent, stealthier ways of infiltrating their targets through third-party IT companies.

The APT group has executed PowerShell scripts to gain access to terminal servers at IT companies in the region to collect credentials and sensitive data about their targets.

The group is said to have used the stolen information to infiltrate their targets and deploy malware samples that relied on Microsoft Exchange Web Services to perform Command and Control (C2) communications, and steal data.

The investigated malware appeared to be a variant of an older malware used by the threat actor.

“OilRig has taken the meaning of ‘stealth mode’ to the next level with its complex and heavily modified tactics, techniques and procedures to exploit third party IT companies,” said Maher Yamout, Senior Security Researcher at Kaspersky.

The official said it is evident from Kaspersky investigations that third party attacks are stealthier, agile and remain undetected in comparison to other tactics, posing grave risk to the functioning of government entities in the targeted regions.

“The radical shift to infiltrate IT companies that are part of a supply chain is an indication that regional government entities are stepping up their cybersecurity game, driving APT groups to think out of the box,” Yamout said.

– CAJ News

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

LINK PARTNER: slot5000 idngg vegas88 elanggame koko303 gen77 hoki99 zeus138 roma77 ligaplay88 gaspol168 sikat138 bonus168 agen388 ligagaruda vegas77 vegasslot77 pokerseri