Tibetan NGOs targeted in APT attack

Conocimiento pertenece al mundo
Tweet about this on TwitterShare on FacebookShare on LinkedInShare on Google+Share on StumbleUponShare on TumblrShare on RedditPin on PinterestEmail this to someone

APT actors targeted Tibetan nongovernmental organizations (NGOs) in recent attacks surrounding the G20 2014 summit in Brisbane, Australia.

ESET researchers identified a Gh0st RAT sample that, they said, had a low number of detections among their users. This RAT has previously been used by various threat actors, in both targeted campaigns and crimeware-like operations.

Tibetan NGOs targeted in APT attack

In this specific attack, victims received an email as part of a spear phishing scheme. The email, supposedly from “Tibet Press,” invited recipients to a “rally for Tibet” and had a Word document attached, which victims presumed would provide more details. Instead, the document exploited CVE-2012-0158, which could allow Gh0st RAT to be installed.

Source:http://www.scmagazine.com/g20-summit-timing-used-to-target-ngos/article/383712/

Conocimiento pertenece al mundo
Tweet about this on TwitterShare on FacebookShare on LinkedInShare on Google+Share on StumbleUponShare on TumblrShare on RedditPin on PinterestEmail this to someone

Add a Comment