Pawn Storm Uses SEDNIT for Espionage Purposes - How to, Technology and PC Security Forum | SensorsTechForum.com

Pawn Storm Uses SEDNIT for Espionage Purposes


Created in 2007, Pawn Storm is the name of a cyber-espionage operation whose main aim is targeting military, government and media entities.

The name Pawn Storm comes from a chess action where the pawns are organized into a massive defense against the adversary. The name fits this operation, as the attackers use multiple downloaders in order to avoid being caught and to continue their work undisturbed. According to experts at Trend Micro, a specialized blog about threat and security information, the cyber criminals behind Pawn Storm use several attack tactics to penetrate the victims’ defenses:

‘spear-phishing emails with malicious Microsoft Office documents lead to SEDNIT/Sofacy malware, very selective exploits injected into legitimate websites that will also lead to SEDNIT/Sofacy malware, and phishing emails that redirect victims to fake Outlook Web Access login pages,’ as per Trend Micro.

The researchers have noticed that the piece of malware called SEDNIT is used quite often, specifically through spear-phishing emails. After a closer look at the SEDNIT malware and how the cyber criminals utilize it, Trend Micro has concluded that the attackers are quite experienced indeed. SEDNIT appears to be very flexible – it’s designed to break through the victims’ defenses easily, after which it continues to capture as much information as possible.

In one of the recent attacks involving SEDNIT, the cyber criminals attacked Polish websites through the browser and threatened the payload hosting. Apparently they intended to make it look like they were targeting multiple users, when in fact, they had a far smaller list of targets.

In addition to the espionage tactics, the attackers have other methods to compromise the victims’ systems such as malware for exploiting and data-stealing.
‘SEDNIT variants particularly proved useful, as these allowed the threat actors to steal all manners of sensitive information from the victims’ computers while effectively evading detection,’ said researchers at Trend Micro.


Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.
