Home > Cyber News > Pawn Storm Uses SEDNIT for Espionage Purposes
CYBER NEWS

Pawn Storm Uses SEDNIT for Espionage Purposes

by   |  Last Update:  |  0 Comments  

Created in 2007, Pawn Storm is the name of a cyber-espionage operation whose main aim is targeting military, governments and media entities.

The name Pawn Storm comes from a chess action where the pawns are organized into a massive defense against the adversary. The name corresponds to this operation as the attackers use multiple downloaders in order to avoid being caught and to continue their work undisturbed. According to experts at Trend Micro, a specialized blog about threat and security information, the cyber criminals behind the Pawn Storm work with several attack tactics to penetrate the victims’ defense. And they are:

→ spear-phishing emails with malicious Microsoft Office documents lead to SEDNIT/Sofacy malware, very selective exploits injected into legitimate websites that will also lead to SEDNIT/Sofacy malware, and phishing emails that redirect victims to fake Outlook Web Access login pages,’ as per Trend Micro.

The researchers have noticed that the piece of malware called SEDNIT is used quite often, specifically through spear-phishing emails. After a closer look at SEDNIT malware and how the cyber criminals utilize it, Trend Macro have concluded that the attackers are quite experienced indeed. SEDNIT appears to be very flexible – it’s designed to break through the victims’ defense easily, after which it continues to capture as much information as possible.

In one of the recent attacks involving SEDNET, the cyber criminals attacked Polish websites through the browser and threatened the payload hosting. Apparently they intended to make it look like they were targeting multiple users, when in fact, they had a far smaller list of targets.

In addition to the espionage tactics, the attackers have other methods to compromise the victims’ systems such as malware for exploiting and data-stealing.
‘SEDNIT variants particularly proved useful, as these allowed the threat actors to steal all manners of sensitive information from the victims’ computers while effectively evading detection,’ said researchers at Trend Micro.SEDNIT

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Related posts:
  1. Storm Ransomware Removal – Restore Files Storm ransomware is a data locker malware that penetrates the...
  2. Remove Storm Alert from Your Computer Storm Alert is a legitimate browser extension, promoted as a...
  3. In 2015, Spear Phishing Was Mostly Followed by Malware Spear phishing attacks have turned into one of the biggest...
  4. Storm Search Browser Redirect – How to Remove Storm Search pop-up ads affect your browser. Storm Search is...
  5. Micro Virus [.micro File] Removal & Recovery What Is Micro Virus Micro virus is the name of...
  6. Drovorub Linux Malware Used For Espionage Purposes by Russian Hackers A dangerous Linux malware called Drovorub has been recently discovered...
  7. .HeroesOftheStorm File Virus – Removal and Restore Guide The .HeroesOftheStorm file virus aims to establish its malicious files...
  8. Komplex Trojan for OS X Works Just Like the Windows Carberp Trojan Komplex is, according to security researchers at Palo Alto Networks,...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree