Friday, July 27, 2018

Poison Ivy Malware and Anchor Panda, 3 Minute Profile

Nation-State-Sponsored
Status: believed active
Active Since/Discovered: 2013
Last Report: Oct. 2013
Targets: civilian and military maritime operations in the green/brown water regions in the area of operations of the South Sea Fleet of the PLA Navy. Also targeted companies in the United States, Germany, Sweden, the UK, Australia, and other nations involved in maritime satellite systems, aerospace industries, and the defense sector.
Target Sectors: maritime satellite systems, aerospace companies, and defense contractors
Malware: Adobe Gh0st, Poison Ivy, Torn RAT
Preferred Attack Vector: spear phishing
Unique: May be PLA Navy. Marker for encrypted binaries – “PdPD” (50 64 50 44)
