Type: Believed Cyber-mercenary Stone Panda APT Status: Active May 2010-Oct. 2013; current status unknown Target Sectors: Healthcare, Defense, Aerospace, Government Malware: PoisonIvy RAT GUI widely available Capable of: renaming, deleting, uploading, downloading or executing files; viewing or editing registry keys; viewing, suspending, or killing running processes; viewing or terminating network connections; viewing and controlling services; viewing or disabling installed devices; enumerating, deleting, or uninstalling programs Capable of logging keystrokes, taking screenshots, recording audio or webcam footage, and by capturing saved passwords and hashes iechecker/ EvilGrab Capture audio, video, screenshots, and keystrokes Preferred Attack Vector: Spear phishing emails
No comments:
Post a Comment