Mexico's inflation exceeds expectations in 1st half of April    Egypt's gold prices slightly down on Wednesday    Tesla to incur $350m in layoff expenses in Q2    GAFI empowers entrepreneurs, startups in collaboration with African Development Bank    Egyptian exporters advocate for two-year tax exemption    Egyptian Prime Minister follows up on efforts to increase strategic reserves of essential commodities    Italy hits Amazon with a €10m fine over anti-competitive practices    Environment Ministry, Haretna Foundation sign protocol for sustainable development    After 200 days of war, our resolve stands unyielding, akin to might of mountains: Abu Ubaida    World Bank pauses $150m funding for Tanzanian tourism project    China's '40 coal cutback falls short, threatens climate    Swiss freeze on Russian assets dwindles to $6.36b in '23    Amir Karara reflects on 'Beit Al-Rifai' success, aspires for future collaborations    Ministers of Health, Education launch 'Partnership for Healthy Cities' initiative in schools    Egyptian President and Spanish PM discuss Middle East tensions, bilateral relations in phone call    Amstone Egypt unveils groundbreaking "Hydra B5" Patrol Boat, bolstering domestic defence production    Climate change risks 70% of global workforce – ILO    Health Ministry, EADP establish cooperation protocol for African initiatives    Prime Minister Madbouly reviews cooperation with South Sudan    Ramses II statue head returns to Egypt after repatriation from Switzerland    Egypt retains top spot in CFA's MENA Research Challenge    Egyptian public, private sectors off on Apr 25 marking Sinai Liberation    EU pledges €3.5b for oceans, environment    Egypt forms supreme committee to revive historic Ahl Al-Bayt Trail    Debt swaps could unlock $100b for climate action    Acts of goodness: Transforming companies, people, communities    President Al-Sisi embarks on new term with pledge for prosperity, democratic evolution    Amal Al Ghad Magazine congratulates President Sisi on new office term    Egypt starts construction of groundwater drinking water stations in South Sudan    Egyptian, Japanese Judo communities celebrate new coach at Tokyo's Embassy in Cairo    Uppingham Cairo and Rafa Nadal Academy Unite to Elevate Sports Education in Egypt with the Introduction of the "Rafa Nadal Tennis Program"    Financial literacy becomes extremely important – EGX official    Euro area annual inflation up to 2.9% – Eurostat    BYD، Brazil's Sigma Lithium JV likely    UNESCO celebrates World Arabic Language Day    Motaz Azaiza mural in Manchester tribute to Palestinian journalists    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



130 firms in 30 states including Egypt seen new wave of cyber attacks: Kaspersky
Amwal Al Ghad Published in Amwal Al Ghad on 18 - 08 - 2016

Since March 2015, a well-organized cyber-crime syndicate has targeted more than 130 companies in over 30 countries, including Egypt, for the purpose of industrial espionage.
The vast majority of the victims are small to medium companies (30-300 employees) activating in the industrial sector.
According to cyber-security vendor Kaspersky Lab, the group, which they named Operation Ghoul, intensified operations during June 2016, and more specifically, between June 8 and 27.
"Attacks were aimed at companies in the industrial sector"
The majority of targeted companies activate in industrial sectors such as the petrochemical field, naval, military, aerospace, heavy machinery, solar energy, steel, pumps, and plastics.
Other activity sectors were also targeted, such as engineering, shipping, pharmaceutical, manufacturing, trading, education, tourism, IT, and more.
The group has shown a narrow focus on companies activating in the industrial sector, but not specific to one country. Attacks were scattered all over the globe, with the most recorded in Spain (25 incidents), Pakistan (22), the United Arab Emirates (19), India (17), Egypt (16), and more.
Other targeted countries include the UK, Germany, South Africa, Portugal, Qatar, Switzerland, Gibraltar, USA, Sweden, China, France, Azerbaijan, Iraq, Turkey, Romania, Iran, Iraq, and Italy.
"Crooks used the HawkEye RAT to infect high-ranking execs"
Ghoul hackers used the HawkEye RAT (Remote Access Trojan), also known as KeyBase, to carry out their attacks.
The crooks packed their RAT inside an EXE file, which they put inside a ZIP file and sent via spear-phishing emails to high-ranking persons in the targeted companies. Kaspersky says these emails were sent to CEOs, COOs, managers, engineers, supervisors, salespersons, and others.
"The spear phishing emails are mostly sent to senior members and executives of targeted organizations, most likely because the attackers hope to get access to core intelligence, controlling accounts and other interesting information," Mohamad Amin Hasbini, Kaspersky Senior Security Researcher, said.
The RAT is one of the top remote access toolkits on the market and can steal clipboard data, keystrokes, license information from installed applications, and passwords from several apps such as browsers, FTP, and email clients.
For these attacks, HawkEye collected the data from targets and sent it via HTTP, unencrypted, to one of two servers. Kaspersky says these two servers belonged to two legitimate businesses that were compromised in the past.
Source: Softpedia

Clic here to read the story from its source.