Malware that piggybacked on CCleaner, a popular free software tool for optimizing system performance on PCs, appears to have specifically targeted high profile technology companies and may have been an attempt to harvest IP — perhaps for commercial or state-level espionage.
They sum up their analysis as follows: “[A] fairly sophisticated attacker designed a system which appears to specifically target technology companies by using a supply chain attack to compromise a vast number of victims, persistently, in hopes to land some payloads on computers at very specific target networks.”
In its assessment of the second stage payload — i.e. the bit intended for the select tech targets — Avast describes the malware as a “relatively complex piece of code”, noting it is “heavily obfuscated and uses a number of anti-debugging and anti-emulation tricks”.
originally posted by: SR1TX
a reply to: mOjOm
That's the dumbest thing I have ever heard and it will never have a real world application for taking down targets.
You need to first hack the actual PC you want (Near Impossible) then..
However, further analysis into the incident has revealed that the attack could have been carried out by a Chinese hacker group called Axiom, also known as APT17, DeputyDog, Group 72, Tailgater Team, Hidden Lynx or AuroraPanda.
An overlap of code used in these malware samples and malware previously used by Group 72 (aka Axiom), a long standing threat actor that has been known to target high profile organizations with high value intellectual property in the manufacturing, industrial, aerospace, defense, and media sectors in the US, Japan, Taiwan, and Korea. It is believed that Group 72 is a state sponsored actor backed by the Chinese government.