Researchers warn of 'hit and run' cyber attackers

September 26, 2013
Security researchers said Wednesday they uncovered a "cyber mercenary" team which specializes in attacks on targets in Japan and South Korea, and warned of more operations of that nature.

Security researchers said Wednesday they uncovered a "cyber mercenary" team which specializes in attacks on targets in Japan and South Korea, and warned of more operations of that nature.

Kaspersky Labs identified the group as "Icefog," and said evidence points to it being based in China.

Based on the targets, the attackers appear to have an interest in military, and maritime operations, computers and software, research companies, , , and television.

Kaspersky said the operation was a "small yet energetic Advanced Persistent Threat (APT) group" which focuses on targets involved in the supply chain for Western companies.

The operation started in 2011 and has increased in size and scope over the last few years, according to the report presented at a Washington conference.

The attackers have been "hitting pretty much all types of victims and sectors. In most cases, attackers maintain a foothold in corporate and governmental networks for years, smuggling out terabytes of sensitive information," said Kaspersky researcher Costin Raiu.

"The 'hit and run' nature of the Icefog attacks demonstrate a new emerging trend: smaller hit-and-run gangs that go after information with surgical precision. The attack usually lasts for a few days or weeks and after obtaining what they were looking for, the attackers clean up and leave."

Raiu said these types of hackers-for-hire groups are growing, developing into a "kind of 'cyber mercenary' team for the modern world."

The researchers localized the attackers and "assume some of the players behind this threat operation are based in at least three countries: China, South Korea and Japan," with the largest number in China.

The report, presented at the Billington Cybersecurity Summit, said Icefog targeted attacks relied on spear-phishing e-mails that attempt to trick the victim into opening a malicious attachment or a website.

Some of these attachments include images of scantily clad women or "decoy" documents; when users click on the attachments, they unwittingly install malicious software which allows access to the attackers.

"The attackers are hijacking sensitive documents and company plans, e-mail account credentials, and passwords to access various resources inside and outside the victim's network," a Kaspersky statement said.

"In most cases, the Icefog operators appear to already know very well what they need from the victims. They look for specific file names, which are identified and transferred" to the attackers.

Explore further: Cyberattacks also targeted Gmail rivals: Trend Micro

Related Stories

'No leak of key info' in Mitsubishi cyber attack

September 20, 2011

Japan's defence minister on Tuesday said cyber attackers who breached security at defence contractor Mitsubishi Heavy Industries had not got their hands on any sensitive data.

Twitter says hackers compromise 250K accounts

February 2, 2013

Twitter confirmed Friday that it had become the latest victim in a number of high-profile cyber-attacks against media companies, saying that hackers may have gained access to information on 250,000 of its more than 200 million ...

'Phishing' scams explode worldwide, researchers shows

June 21, 2013

Those insidious email scams known as phishing, in which a hacker uses a disguised address to get an Internet user to install malware, rose 87 percent worldwide in the past year, a security firm said Friday.

Recommended for you

How to curb emissions? Put a price on carbon

September 3, 2015

Literally putting a price on carbon pollution and other greenhouse gasses is the best approach for nurturing the rapid growth of renewable energy and reducing emissions.

Customizing 3-D printing

September 3, 2015

The technology behind 3-D printing is growing more and more common, but the ability to create designs for it is not. Any but the simplest designs require expertise with computer-aided design (CAD) applications, and even for ...

Team develops targeted drug delivery to lung

September 2, 2015

Researchers from Columbia Engineering and Columbia University Medical Center (CUMC) have developed a new method that can target delivery of very small volumes of drugs into the lung. Their approach, in which micro-liters ...

Magnetic fields provide a new way to communicate wirelessly

September 1, 2015

Electrical engineers at the University of California, San Diego demonstrated a new wireless communication technique that works by sending magnetic signals through the human body. The new technology could offer a lower power ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.