• 4 minutes Drone attacks cause fire at two Saudi Aramco facilities, blaze now under control
  • 7 minutes China Faces Economic Collapse
  • 13 minutes Oil Production Growth In U.S. Grinds To A Halt
  • 15 minutes Iran in the world market
  • 18 minutes Ethanol, the Perfect Home Remedy for A Saudi Oil Fever
  • 2 hours USA Wants Iran War -- Shooty Shooty More
  • 3 hours Never Bring A Rapier To A Gun Fight
  • 19 mins Collateral Damage: Saudi Disruption Leaves Canada's Biggest Refinery Vulnerable
  • 6 hours Bahrain - U.S.: Signed Deal To Buy Patriot Missiles
  • 8 hours One of the fire satellite pictures showed what look like the fire hit outside the main oil complex. Like it hit storage or pipeline facility. Not big deal.
  • 3 hours USA : Attack came from 'Iranian soil'. Pompeo to release 'evidence'.
  • 6 hours Trump Will Win In 2020 And Beyond..?
  • 8 mins Yawn... Parliament Poised to Force Brexit Delay Until Jan. 31
  • 9 hours Wonders of US Shale: US Shale Benefits: The U.S. leads global petroleum and natural gas production with record growth in 2018
  • 7 hours How OPEC and OECD play their role in setting oil price in light of Iranian oil sanction ?? Does the world agree with Iran's oil sanctions ???
  • 3 hours Aramco Production
  • 6 hours Democrats and Gun Views
Coal Is Fueling China’s Data Center Boom

Coal Is Fueling China’s Data Center Boom

China’s data center sector is…

Can Oil Survive The Looming Economic “Ice Age?”

Can Oil Survive The Looming Economic “Ice Age?”

A wide-spread economic recession is…

Operation ‘Sharpshooter’ Targets Energy, Defense Firms

Cybercrime

A new global cyber threat campaign has recently infiltrated dozens of energy, defense, nuclear, and financial companies around the world, using malware to extract and exploit data from these organizations in a campaign McAfee has dubbed ‘Operation Sharpshooter’.

The McAfee Advanced Threat Research team and McAfee Labs Malware Operations Group say that they have discovered that this new global campaign uses an in-memory implant to download and retrieve a second-stage implant—which McAfee calls Rising Sun—for further exploitation.

This campaign appeared in 87 organizations—mostly in the United States—in October and November this year. The malware links were posing as industry job recruitment activity, gathering information to monitor for possible future exploitation, according to McAfee.

“This actor has used recruiting as a lure to collect information about targeted individuals of interest or organizations that manage data related to the industries of interest,” the McAfee report says.

The new malware campaign uses source code from a 2015 backdoor Trojan Duuzer malware campaign by Lazarus Group in a new framework to infiltrate these key industries.

Notorious cyber crime group Lazarus Group has been linked to last year’s WannaCry ransomware attacks and to cyber attacks at Sony Pictures and Bangladesh Bank.

“Operation Sharpshooter’s numerous technical links to the Lazarus Group seem too obvious to immediately draw the conclusion that they are responsible for the attacks, and instead indicate a potential for false flags,” said McAfee about the global cyber spy campaign it had discovered.

“We have not previously observed this implant. Based on our telemetry, we discovered that multiple victims from different industry sectors around the world have reported these indicators,” McAfee said.

“Was this attack just a first-stage reconnaissance operation, or will there be more? We will continue to monitor this campaign and will report further when we or others in the security industry receive more information.”

By Tsvetana Paraskova for Oilprice.com

More Top Reads From Oilprice.com:



Join the discussion | Back to homepage

Leave a comment

Leave a comment

Oilprice - The No. 1 Source for Oil & Energy News
Download on the App Store Get it on Google Play