Bitdefender researcher discovered potentially state-sponsored APT group StrongPity.

Recently Bitdefender researcher (Radu tudorica, Cristina vatamanu, Alexandru maximcicus) discovered APT group StrongPity who is targeting victims in Turkey and Syria. The attacker uses watering hole tactics to infect target and install 3 tier C&C to avoid forensic investigation.
Reasecher indentified that the attacker have special interest in Kurdish community by the data they gathered which show the risk in geo-political contecxt.
As Bitdefender mentioned the Key Findings :
  1.     Potentially state-sponsored APT Group with political motivation
  2.     Ability to search for and exfiltrate any file or document from a victim’s machine Watering hole tactic that selectively targets victims in Turkey and Syria using pre-defined IP list
  3.     3-tiered C&C infrastructure for covering tracks and thwarting the forensic investigation
  4.     Use of fully working Trojanized popular tool
The collected samples have common compile time from Monday to Friday 9 to 6 UTC+2 working hour which show that it could be developer team paid to deliver projects.

No comments:

Schneider Electric Confirms Data Theft in Developer Platform Hack

  Schneider Electric, a leading French multinational in energy and automation solutions, has confirmed that a cybersecurity incident involvi...