In order to first gain access to the networks that were breached, a Microsoft Exchange server was exploited. The custom loader used by Cicada has apparently been seen in previous attacks that were also connected to the hacker team. This is referred to as DLL side-loading, and Cicada is not alone in using this technique to upload malware into programs that are otherwise secure. It appears that a safe version of VLC was combined with a malicious DLL file located in the place as the export functions of the media player. Image used with permission by copyright holderĪlthough VLC was exploited to deploy malware, Bleeping Computer says that the file itself was clean. Once the attackers gained access to the victim’s machine, they were able to maintain it for up to nine months. Cicada group has previously targeted Japan for its cyberattacks many times in the past. Surprisingly, only one of the victims was from Japan. Some of the targeted countries include the U.S., Hong Kong, India, Italy, and Canada. What’s perhaps more staggering is that this activity has spread to entities across at least three continents. Non-governmental organizations have also been targeted. According to a report by Bleeping Computer, the targets involve a wide range of entities involved in legal, governmental, or religious activities. This campaign, involving the popular VLC Media Player, appears to have been started for espionage purposes. Hackers used 30,000 computers for record-breaking DDoS attackĮxperts fear ChatGPT will soon be used in devastating cyberattacks Hackers are using AI to create vicious malware, says FBI
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |