Vandals are active in Asia in their advanced digital threats |
In the first quarter of 2020, the activities of saboteurs, which are behind persistent high-level threats, indicate that malware and its spread across mobile devices are high, and that some saboteurs target these devices.
Meanwhile, subversive activities are increasing in Asia, especially with new subversive activities, and famous traditional actors become more selective in their operations. The quarterly summary of Kaspersky threat information for the first quarter of 2020 covers this and other advanced threat trends around the world.
The summary of the direction of sabotage action in the last quarter was based on Kaspersky's investigations of threats and other sources that followed important developments. Kaspersky researchers believe that everyone should know.
The results of persistent high-level threats in the first quarter of 2020 confirm that businesses in Asia continue to grow due to various attacks in Southeast Asia, South Korea and Japan. Kaspersky has seen the emergence of new subversive groups launching campaigns in an innovative way, sometimes with a budget, and finding that they have the ability to prove themselves to key players (such as CactusPete and Lazarus) in the European Union region of living threats.
Kaspersky recently published a report on a large number of mobile advertising campaigns, such as the LightSpy ad campaign, which provides so-called drinking fountains for users in Hong Kong. Booby comes with malware that uses iOS and Android devices, as well as Android spyware called PhantomLance, to target users in Southeast Asia. It should be noted that these two campaigns have successfully used many online platforms such as forums, social media and the Google Play App Store, which demonstrate a clever way to spread malware.
Not only was Asian vandalism developing software developed on mobile devices. For example, TransparentTribe used a new section called USBWorm to implement a campaign for users in Afghanistan and India, and developed new malware to infect Android devices. , Malware is a modified version of the Trojan remote control. AhMyth Dimension, open source malware available on GitHub.
In addition, a devastating coronavirus outbreak has been used to target victims since mid-March. However, this does not mean that the tactics, methods and procedures have changed significantly, but only from the common theme of the users. Some actors such as Kimsuky, Hades and DarkHotel are the best spoilers who use this theme.
During the epidemic, the activities of the actors behind the continuing high-level threats continued in Asia, said Vicente Diez, a security researcher with the Kaspersky Global Research and Analysis team. The Pacific region has not stopped. He said: "Some actors have taken advantage of the epidemic in various ways and continue to build their reputation by declaring that they are not currently targeting health care facilities. The results show that the financial, political, and geographical interests remain the main activities of these institutions. The motivation, especially the institutions that have emerged in the past two years where these institutions try to make Aziz A place in subversive units. "
Diez added: "With the introduction of new solutions to innovative solutions, mobile devices have become more attractive to new sabotage, while popular sabotage is almost invisible. This may be because we all face it because of changing circumstances, but I must, as usual, point out that it cannot We have a full view and some activities are not monitored and we do not fully understand other activities, so protect against known and unknown threats. Everyone is always important. "
Kaspersky's prepaid prepaid report for the first quarter of 2020 summarizes the findings of the Threat Information report, which Kaspersky provides to subscribers only, and includes penetration index data and YARA rules to assist in digital forensic research and malware detection.