PortDoor Espionage Malware Takes Aim at Russian Defense Sector
Quote: A previously undocumented backdoor malware, dubbed PortDoor, is being used by a probable Chinese advanced persistent threat actor (APT) to target the Russian defense sector, according to researchers.
 
The Cybereason Nocturnus Team observed the cybercriminals specifically going after the Rubin Design Bureau, which designs submarines for the Russian Federation’s Navy. The initial target of the attack was a general director there named Igor Vladimirovich, researchers said, who received a phishing email.
 
The attack began with the RoyalRoad weaponizer, also known as the 8.t Dropper/RTF exploit builder – a tool that Cybereason said is part of the arsenal of several Chinese APTs, such as Tick, Tonto Team and TA428. RoyalRoad generates weaponized RTF documents that exploit vulnerabilities in Microsoft’s Equation Editor (CVE-2017-11882, CVE-2018-0798 and CVE-2018-0802).
 
The use of RoyalRoad is one of the reasons the company believes Chinese cybercriminals to be behind the attack.
 
“The accumulated evidence, such as the infection vector, social-engineering style, use of RoyalRoad against similar targets, and other similarities between the newly discovered backdoor sample and other known Chinese APT malware, all bear the hallmarks of a threat actor operating on behalf of Chinese state-sponsored interests,” according to a Cybereason analysis, published Friday.

Read more: PortDoor Espionage Malware Takes Aim at Russian Defense Sector | Threatpost