McAfee Publishes Intricate Facts of Surveillance Attacks on SK

Some weeks back, security company Symantec in a report stated that amongst the most prominent cyber-assaults that were targeted on South Korea since the last 4-yrs, numerous were sourced to one cyber-crime gang named 'Dark Seoul.' Recently, McAfee, another security company, on 8th July 2013, published another report titled "Dissecting Operation Troy: Cyber Espionage in South Korea" that gives more information regarding those assaults.

According to the report, the newer assaults on broadcasters and financial institutions and then on government computers, merely represent one tiny portion of the outbreak.

McAfee discloses that the assaults that it named 'Operation Troy,' related to plentiful other PC damages beyond just data erasing malicious software and a few distorted PC screens.

The assaults against targets in South Korea, indeed happened to be the last outbreaks belonging to one clandestine espionage campaign, reveals McAfee in its report.

And though it's not clear whether nation states backed the assaults, McAfee thinks 2 different hacker gangs known as 'Whois Hacking Team' and 'New Romanic Cyber Army Team' conducted the said assaults.

Understandably, the hackers, at the time, contaminated computers with a Trojan called 3Rat that mechanically scrutinized PCs to find Korean/English military keywords. And soon as it spotted relevant files, it encrypted them followed with uploading the encrypted material onto the hackers' command and control systems.

Now, the above ability can be highly destructive were the military networks unexpectedly cleared of data following an enemy collecting intelligence information. It's exactly what Dark Seoul did when the 3Rat had acquired admission before the erasing incidence of the Master Boot Record, recalls the report.

Indeed, McAfee's investigation shows that the hack by Dark Seoul was simply an 'Operation Troy' component that represented one cyber espionage attack against military establishments over many years starting at least from 2009.

Often the kind of APT (advanced persistent threat) assaults aimed at several sectors within different nations, however, Operation Troy aimed at just South Korea. McAfee's assessment of distinct features of the malware variants shows that these were employed for solely targeting SK while their binaries contained Korean dialect based components, the report concludes.

» SPAMfighter News - 7/13/2013