Threat Reports

Silobreaker Daily Cyber Digest – 25 Feb 2016

Lazarus Group
It appears that the Guardians of Peace, infamous for the Sony Pictures Entertainment (SPE) attack, was merely the cover for a long-running APT that researchers have dubbed The Lazarus Group.

Led by Novetta, specialists from major AV/security/analytics companies have released a report detailing their findings as part of Operation Blockbuster, an industry-wide effort to clarify and attribute the 2014 SPE attack.

It remains likely that the Lazarus Group is associated with North Korea, but a TTP/YARA analysis suggests that up to 45 families of malware are linked to Lazarus. This would mean that the group has been in operation from around 2007.

Porn Clicker Trojan
On a slightly lighter note, it looks like the Google Play store is totally infested with porn clicker trojans.

Porn clickers are a type of click-fraud enabling malware that scams advertisers out of revenue by opening an invisible browser window on users’ phones and ‘clicking’ on ads hosted by porn sites.

ESET researchers have found over 300 on the Google Play store in the last seven months, mostly hidden inside what appear to be popular games.

Sons of the Caliphate
The Islamic State (IS) appear to have launched a new hacking division entitled ‘Sons of the Caliphate.’ The group debuted itself by launching a video called Flames of the Supporters where they made death threats against Mark Zuckerberg and Twitter CEO Jack Dorsey.

More importantly, the group also claimed to have compromised over 10,000 Facebook accounts and 5000 Twitter handles. The video showed ‘evidence’ of these claims, stating that the accounts had been hacked and handed over to IS supporters.

Although IS already have a well-established hacker unit, the Islamic State Hacking Division, the disparate nature of the group and its relative lack of centralized command mean that new groups such as this are likely to be established often.

The veracity of the group's claims has not been verified, and it is worth remembering that many grandiose statements such as this made by IS have eventually been proved false.

#Sons_Caliphate_Army
This is the Twitter hashtag being used by the newly founded ‘Sons of the Caliphate.’ Throughout its mentions it reiterates the group's ambitions to undermine the efforts of Facebook and Twitter to stifle the spread of IS propaganda on social media.

They claim to be unaffected by account closures and user bans, and threaten that further action against their objective will result in Facebook and Twitter being ‘erased’.

The Silobreaker Team
