Countries Causing Mayhem by Running Sophisticated APT Groups Like Godfathers

Blessed by countries

• State-sponsored APT groups are organizations that conduct attacks on a country’s information assets related to national security or economic importance, via means of cyberespionage or cyber sabotage.
• While China and Russia stand atop the list of nations linked to the most sophisticated state-sponsored hacking groups, the number of government-linked cyberespionage campaigns from other countries has started to burgeon in recent years.

APTs out and about

• According to Kaspersky researchers, the China-based APT group, CactusPete, is targeting military and financial organizations in Eastern Europe with a new attack campaign. The group is employing a new variant of the Bisonal backdoor to steal information, move laterally inside a network, and execute codes on target machines.
• Recently, Group-IB uncovered a Russian-speaking hacking group, RedCurl, which has conducted 26 corporate espionage attacks, since 2018, in attempts to steal confidential corporate information from victims in the finance, construction, law, retail, and other sectors.
• At Black Hat USA, researchers outlined the "Operation Skeleton Key" attacks performed by a Chinese APT group, Chimera, against numerous semiconductor vendors of Taiwan. The hackers are known to abuse Cobalt Strike, a penetration testing tool and a custom skeleton key obtained by twisting the codes of Dumpert and Mimikatz.
• As per a security alert sent by the FBI a week ago, Fox Kitten (aka Parisite), a group of Iranian government-based hackers has been detected attacking the private and government sectors in the U.S. The threat actors operate by targeting high-end and high-priced network equipment using exploits for newly disclosed vulnerabilities.

The crucial role of global vigilance