lazarusholic

Everyday is lazarus.dayβ

APT38 DYEPACK Framework

2019-03-20, spuz
https://spuz.me/blog/zine/4P738DY3P4CK.html
#SWIFT #DYEPACK #APT38


by AKM
Posted on March 20, 2019 at 12:46 PM
Waterholing Style Attacks
In the natural world, predators lurk around regions full of the resources their prey feed on. They wait, they watch, then they attack.
Watering hole attacks on financial firms work in a similar way, as recent incidents … ;
- attackers identify numerous resources (forums, subdomains, employee portals, et al.)
- identify key vulnerabilities that allow them to burrow deep and then move laterally
- then use exploits to upload specific payloads to these gateways in the hope that an employee will execute them.
The rest is history. As with the prey and predator analogy, this plays out naturally every day in organizations worldwide.
(If you're more interested in the "watering hole" attack style, check out this research I conducted on APT32, a.k.a. OceanLotus.)
APT38 and its North Korean Attributes
So why financial firms in particular? Because they are the most profitable to any lone wolf or organized cybercrime unit. …