Finance Ministry presents three new investor facilitation packages to PM to boost investment climate    Egypt, Bahrain explore deeper cooperation on water resource management    Egypt condemns Israeli offensive in Gaza City, warns of grave regional consequences    Cairo University, Roche Diagnostics inaugurate automated lab at Qasr El-Ainy    Egypt expands medical, humanitarian support for Gaza patients    Egypt investigates disappearance of ancient bracelet from Egyptian Museum in Tahrir    Egypt launches international architecture academy with UNESCO, European partners    African trade ministers meet in Cairo to push forward with AfCFTA    Egypt's President, Pakistan's PM condemn Israeli attack on Qatar    Egypt signs MoUs with 3 European universities to advance architecture, urban studies    Madrid trade talks focus on TikTok as US and China seek agreement    Egypt wins Aga Khan Award for Architecture for Esna revival project    Egypt's gold prices hold steady on Sep. 15th    Egypt's Sisi, Qatar's Emir condemn Israeli strikes, call for Gaza ceasefire    Egypt condemns terrorist attack in northwest Pakistan    Egypt advances plans to upgrade historic Cairo with Azbakeya, Ataba projects    Egyptian pound ends week lower against US dollar – CBE    Egypt hosts G20 meeting for 1st time outside member states    Egypt to tighten waste rules, cut rice straw fees to curb pollution    Egypt seeks Indian expertise to boost pharmaceutical industry    Egypt prepares unified stance ahead of COP30 in Brazil    Egypt harvests 315,000 cubic metres of rainwater in Sinai as part of flash flood protection measures    Al-Sisi says any party thinking Egypt will neglect water rights is 'completely mistaken'    Egyptian, Ugandan Presidents open business forum to boost trade    Egypt's Sisi, Uganda's Museveni discuss boosting ties    Egypt's Sisi warns against unilateral Nile measures, reaffirms Egypt's water security stance    Greco-Roman rock-cut tombs unearthed in Egypt's Aswan    Egypt reveals heritage e-training portal    Sisi launches new support initiative for families of war, terrorism victims    Egypt expands e-ticketing to 110 heritage sites, adds self-service kiosks at Saqqara    Palm Hills Squash Open debuts with 48 international stars, $250,000 prize pool    On Sport to broadcast Pan Arab Golf Championship for Juniors and Ladies in Egypt    Golf Festival in Cairo to mark Arab Golf Federation's 50th anniversary    Germany among EU's priciest labour markets – official data    Paris Olympic gold '24 medals hit record value    A minute of silence for Egyptian sports    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



130 firms in 30 states including Egypt seen new wave of cyber attacks: Kaspersky
Amwal Al Ghad Published in Amwal Al Ghad on 18 - 08 - 2016

Since March 2015, a well-organized cyber-crime syndicate has targeted more than 130 companies in over 30 countries, including Egypt, for the purpose of industrial espionage.
The vast majority of the victims are small to medium companies (30-300 employees) activating in the industrial sector.
According to cyber-security vendor Kaspersky Lab, the group, which they named Operation Ghoul, intensified operations during June 2016, and more specifically, between June 8 and 27.
"Attacks were aimed at companies in the industrial sector"
The majority of targeted companies activate in industrial sectors such as the petrochemical field, naval, military, aerospace, heavy machinery, solar energy, steel, pumps, and plastics.
Other activity sectors were also targeted, such as engineering, shipping, pharmaceutical, manufacturing, trading, education, tourism, IT, and more.
The group has shown a narrow focus on companies activating in the industrial sector, but not specific to one country. Attacks were scattered all over the globe, with the most recorded in Spain (25 incidents), Pakistan (22), the United Arab Emirates (19), India (17), Egypt (16), and more.
Other targeted countries include the UK, Germany, South Africa, Portugal, Qatar, Switzerland, Gibraltar, USA, Sweden, China, France, Azerbaijan, Iraq, Turkey, Romania, Iran, Iraq, and Italy.
"Crooks used the HawkEye RAT to infect high-ranking execs"
Ghoul hackers used the HawkEye RAT (Remote Access Trojan), also known as KeyBase, to carry out their attacks.
The crooks packed their RAT inside an EXE file, which they put inside a ZIP file and sent via spear-phishing emails to high-ranking persons in the targeted companies. Kaspersky says these emails were sent to CEOs, COOs, managers, engineers, supervisors, salespersons, and others.
"The spear phishing emails are mostly sent to senior members and executives of targeted organizations, most likely because the attackers hope to get access to core intelligence, controlling accounts and other interesting information," Mohamad Amin Hasbini, Kaspersky Senior Security Researcher, said.
The RAT is one of the top remote access toolkits on the market and can steal clipboard data, keystrokes, license information from installed applications, and passwords from several apps such as browsers, FTP, and email clients.
For these attacks, HawkEye collected the data from targets and sent it via HTTP, unencrypted, to one of two servers. Kaspersky says these two servers belonged to two legitimate businesses that were compromised in the past.
Source: Softpedia

Clic here to read the story from its source.