Clues point to China
The Sykipot malware used in recent, targeted attacks against defense contractors appears to have been designed, at least in part, to steal information relating to U.S. military drones and unmanned aerial vehicles.
To date, "there have been a lot of different campaigns with different command-and-control servers," said researchers at Alienvault Labs in a blog post. "The modus operandi is simple, they send emails with a malicious attachment or link, sometimes using a zero-day exploit [on] key employees of different organizations."
The Sykipot malware used in recent targeted attacks involved JavaScript-embedded malicious PDF files that were emailed to targets, and which exploited a zero-day Adobe Reader vulnerability that was recently patched.
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024