A month after the mystery group Lab Dookhtegan divulged details about OilRig, a.k.a. APT34, researchers from Palo Alto Networks have published new findings on the data dump discovered on the Internet.
According to their analysis, OilRig stole over 13,000 credentials belonging to 18 industries. Some of these industries include government, technology, telecommunications, and the transportation sector. Altogether, OilRig’s activity compromised 97 organizations in 27 countries.
Key highlights
Origins remain unknown
Notably, the researchers emphasize that they were unable to validate the origin of the entire dataset. “..although we are able to validate the backdoors and web shells provided in the dataset as consistent with previously researched OilRig toolsets, in general, we are unable to validate the origins of the entirety of the dataset and cannot confirm nor deny that the data has not been manipulated in some manner,” their blog post stated.
To defend against OilRig’s attacks, Palo Alto Networks strongly recommends that organizations protect themselves against credential theft and credential reuse.