Russian Cyber-Espionage Group Controlled Its Malware Partly Through Reddit Posts (bleepingcomputer.com)
"Cyber-espionage operations from Cozy Bear, a threat actor believed to work for the Russian government, continued undetected for the past years by using malware families previously unknown to security researchers," reports BleepingComputer -- citing a surprisingly detailed report:
Relying on stealthy communication techniques between infected systems and the command and control servers, the group managed to keep their activity under the radar for a long time. Cyber-espionage campaigns that likely started in 2013, collectively named "Operation Ghost," have been attributed to this group, and continued through 2019...
Researchers at ESET tracking this threat actor found at least three victims of Operation Ghost, all being European Ministries of Foreign Affairs including the Washington DC embassy of a European Union country. The victim count is likely larger but identifying them is difficult because the threat actor uses unique command and control infrastructure for each target.
The report notes the group used sites like Reddit, Twitter, and Imgur to deliver the URLs for some command-and-control servers, along with information hidden in images. And another stage of its malware platform used an even more robust site for its command-and-control server: Dropbox.
Re: (Score:2)
This is the problem with sites that depend on user content. The hackers would love to get control of enough famous accounts to endorse a candidate who should lose otherwise.
And Hillary, if you're just going to trade insults with the candidates then you're going to have to get in the race...
Re: Just like Tulsi Gabbard... (Score:2)
I dunno Lars - what does NATO think about it?
Re: (Score:2)
Hehehe...I liked how she went to Syria and snuggled up with Assad. She didn't even come away with blood on her hands and so declared the meeting a success.
Maybe she can find a new and important way to sell out the Kurds to that buttplug, Erdogan.
So now you know (Score:4, Funny)
So now you know what those strange bot-generated off-topic Slashdot postings were about. ;-)
Re: (Score:2)
Yeah... if they're hiding commands in images, just think what they could do with ASCII art....
4th Down and Punting Yardage (Score:2)
Something's wrong with the news... we stopped covering ourselves and started covering Russia, China, Ukraine, and Turkey. Jimmy Kimmel complained about this last week.
Now look what happened to Slashdot, instead of innovations being reported, we've got reports on the hackers of the world who are from the nations that are accused of biasing American voters in 2016's election, and it seems these breaches went unreported for years going back far enough to include 2016.
Instead of patch of the day, we've got the inte
Re:4th Down and Punting Yardage (Score:4, Insightful)
Won't happen. The Republicans in the Senate are Trump's eunuchs. They find nothing wrong with Barr wandering the globe chasing down Trump's conspiracy theories in the hopes of delivering a Hail Mary before the next election.
Re: (Score:1)
Just watch it happen. Republicans were dancing around impeaching Nixon just months before he was gone.
FFS, there's definitive proof and multiple public statements about how Trump withheld military aid to Ukraine in exchange for political dirt on his likely 2020 opponent. This is already way bigger than Watergate, and it is only getting worse by the day.
Re: (Score:2)
In the past we would have to wait 40 years to read about Soviet and Russian methods to protect CIA, NSA and GCHQ methods of detection.
Some author would seek and get permission to hint at some project 30-40 years later in a book.
Now we are reading about how some security services detect Russian methods in real time?
The amazing cyber story about "Russia bad" is all so good for NATO, the EU, the US until the part about who found the "MiniDuke implant"
Re: (Score:2)
We do not have reports, we have ideological beliefs, what everyone used to call lies. The US government wants to make a claim about anything, prove it in court.
Seriously what has everyone forgotten, governments did not provide us courts, the people are to fight and die for those courts and the reason why courts because we no longer believed the government. The government wants to say something, anything, facts and facts only, can not prove it in court, the government should shut the fuck up.
The people dem
Hah! (Score:2)
this is genius (Score:1)