PoorNicheFacts

Advancing till APT9 made us to think why emergent and emerging nations are allegedly suspecting china for the cyberattack. To suspect China, those nations require additional information. As of now, the world powers says that all command and control are located in China, and also they are the one to introduce the concept of APT(Advanced Persistent Threat). APT9 APT9 targets biotechnology and pharmaceutical industry. They gained initial access through spearfishing mails and acting as a trusted party between the industry. APT 9 uses some malwares which were already used by the APT1, APT4 and APT5 threat groups. They modified it in accordance to their needs, so that antivirus engine can't detect those threats as their hash value are modified. Most of the RAT's and backdoors used in this attack are already been used by other threat groups in China, so this is also suspected to be originated from China. Source: ITW Malwares Used HomeUnix, FunRun, Zxshell, Gh0st( Apt1 ), Sogu( Apt3...

APT 8! This is a serious bummer for everyone, especially those who make a living out of social media, because it attacks the entertaining industries. Threat Sector APT 8's target's both an organization and an individual and their domains were Cyber industries, media and entertainment, aerospace and construction. APT 8 APT 8 is involves in cyberattacks to achieve Intellectual Property Theft. Similar to APT 7 it steals data from different companies and organizations that shares cyber field. To add furthermore into the mist, these attacks are done by a group of freelancers abode with the Chinese government. The attacks done on the entertainment industries had made a great impact in terms of money. Countries like India, Japan, Germany, U.K., are few of many countries which sees major flow of money through entertainment and these countries had been the targeted ones.   Attack Vectors To condemn the targeted companies, The spear phishing e-mails attacks are used, implied with malicio...

Both APT 6 & APT 7 are so similar but with the slightest differences. They both steal something that's not the same yet similar. Construction, Aerospace, Engineering and defense industrial estate are targets of APT 7. For APT 6, they share the same domain but with additional targets, Transportation, construction and materials. The attacked areas are also similar, as in The APT 6's goal is to heist a data, whereas the APT 7 steals intellectual property.                 Credits: Kaspersky If you are new to this post and not aware of about what APT is check out our first blog listed under APT which will provide you more insights. Advanced Persistent Thread-6 Anonymity FBI alert The backdoor RAT Prevention techniques Anonymity   The cybersecurity elite group confirmed that their digital signatures were so unique, meaning this APT-6 digital signature were entirely new. Zscalar who actually informed FBI saying that many organiz...

APT-5 is a frequent active threat, since 2007. They target countries which has telecommunication, defense, tech-firm which supports high-tech manufacturing, like US and along with major Asian and European countries.     Major Target Areas Wireless communications are said to be the most attacked division, but other divisions like grid area communication, regional telecom provider, Asian-based communication, satellite communications, military applications are also equally targeted.   APT 5 The goal is simple yet lethal, it simply makes modification into the files and leaves less traceable track. The fact that it becomes lethal is, when it was done in satellite communications and military software programs, the images taken for confidential proprietary is exposed. Regardless of the operating system, even the embedded operating systems that are connected with an IP is vulnerable. This happens, when the computer files are introduced with the keylogger enabled Malware used to s...

Keylogger/Keystroke Every key we press on an electronic device emits certain frequency and this is termed as DTMF(Dual Tone Multi Frequency) . This tone can be easily detected using some common apps available on play store/App Store today. But, it can also be heard and find the exact key not by only practice but in a perfect silence condition. This consumes time and at least requires 2-3 years of patience.      But this can also be achieved through scripting. Yes!! You read that right. By using some advanced frameworks that were available between 2010-2013, hackers developed some keylogger for the systems targeting defense, aerospace and commercial industries and this was later named as APT-4.  Curious to know how APT-1 , APT-2 and APT-3 . Check out our blogs for cool stuffs.    APT-4(Advanced Persistent Threat) Unlike APT-2 and APT-3 , this was suspected from China and its main target to steal information from computer, possible by creating backdoors. S...

Yet another Chinese APT, it seems like china is getting ready with cyberwarfare . Like APT-1 and APT-2 this thread also started with phishing email, but it targets were limited to public, defense, private, Supply chain sectors, Non-profit, Biotechnology, Construction, Education and Energy. In 2013 Chinese based thread actors thought of creating threads for stealing information using Java, Adobe and Internet Explorer ( default browser for XP and 2007 ). Bug Hunters who were really working hard found various enumeration techniques to exploit java with minimum user interferences. This was bad news for the thread actors. So they planned to espionage and steal information from the above sectors using Adobe and Internet Explorer.      Numerous mails to employees were drafted and sent to the Defense and Aerospace Industry.  Some sample e-mails are shown below Sample-1: Save between $200-450 by purchasing an Apple Certified Refurbished iMac through this link. Refurbished ...

Welcome to the Cyber precedence of China Part-2, Today we are just curious to learn about how APT-2 attack was successfully conducted by targeting Military and Defense network. APT-2 doesn't damage any property instead it was stealing all the information from the unencrypted web and network interface. If you are curious to know about APT-1 and what APT does, check our first previous blog. APT-2 Consists of two main Malwares MOOSE WARP                                                                                                                                            ...