Source |
Palo Alto Network |
Identifiant |
163572 |
Date de publication |
2016-10-04 20:10:16 (vue: 2016-10-04 20:10:16) |
Titre |
OilRig Malware Campaign Updates Toolset and Expands Targets |
Texte |
Since our first published analysis of the OilRig campaign in May 2016 , we have continued to monitor this group for new activity. In recent weeks we’ve discovered that the group have been actively updating their Clayslide delivery documents, as well as the Helminth backdoor used against victims. Additionally, the scope of organizations targeted by this group has expanded to not only include organizations within Saudi Arabia, but also a company in Qatar and government organizations in Turkey, Israel and the United States. Expanded Targeting The group behind the OilRig …
|
Envoyé |
Oui |
Condensat |
2016 actively activity additionally against also alto analysis appeared arabia backdoor been behind blog but campaign clayslide company continued delivery discovered documents expanded expands first government group has have helminth include israel malware may monitor networks new not oilrig only organizations palo post published qatar recent saudi scope since states targeted targeting targets toolset turkey united updates updating used victims we’ve weeks well within |
Tags |
|
Stories |
APT 34
|
Notes |
|
Move |
|