KuwaitPR.com, Online Press Release from Kuwait
 
Technology, Computers & IT(Technology)
Filter PR by
  
Cyberattacks on Kuwait Shipping and Transportation Organizations

September 24, 2019 - Kuwait

Between May and June 2019, Unit 42, the global threat intelligence team at Palo Alto Networks, observed previously unknown tools used in the targeting of transportation and shipping organizations based in Kuwait.

The first known attack in this campaign targeted a Kuwait transportation and shipping company in which the actors installed a backdoor tool named Hisoka. Several custom tools were later downloaded to the system in order to carry out post-exploitation activities. All of these tools appear to have been created by the same developer. We were able to collect several variations of these tools including one dating back to July 2018. 

The developer of the collected tools used character names from the anime series Hunter x Hunter, which is the basis for the campaign name “xHunt.” The names of the tools collected include backdoor tools Sakabota, Hisoka, Netero and Killua. These tools not only use HTTP for their command and control (C2) channels, but certain variants of these tools use DNS tunneling or emails to communicate with their C2 as well. While DNS tunneling as a C2 channel is fairly common, the specific method in which this group used email to facilitate C2 communications has not been observed by Unit 42 in quite some time. This method uses Exchange Web Services (EWS) and stolen credentials to create email “drafts” to communicate between the actor and the tool. In addition to the aforementioned backdoor tools, we also observed tools referred to as Gon and EYE, which provide the backdoor access and the ability to carry out post-exploitation activities.

Through comparative analysis, we identified related activity also targeting Kuwait between July and December 2018, which was recently reported by IBM X-Force IRIS. While there are no direct infrastructure overlaps between the two campaigns, historical analysis shows that the 2018 and 2019 activities are likely related.

Posted by : Kuwait PR Network Editorial Team
Viewed 7535 times
PR Category : Technology
Posted on : Tuesday, September 24, 2019  2:35:00 PM UAE local time (GMT+4)
Email this article Print this article

Share this article with your friends and followers
NewsVine
Back to Section Home

Related Stories

 
 
Most Viewed Press Release posted in the last 7 days
Global Innovations Partnered with Hotelbeds [15596-Views]
This Festive Season, It's All About Gifting and Loving [14629-Views]
The #sephorasquad Applications Are Now Closed [14030-Views]
Get Your Own Multi GDS Booking Engine [11886-Views]
Is your Business Ready to Face Pandemic and Pandemic Like Situation? [11693-Views]
Eid Gifts From The Body Shop [11283-Views]
Make Up for Ever Introduces for the First Time Its New Active Care-in-foundation to Revive Tired Ski... [10836-Views]
My Salah Mat ɡ ... [10115-Views]
UD Trucks Extends Vehicle Warranties During the Covid-19 Lockdown Period in the MEENA Region [9364-Views]
Olay Eyes Hydra Gel [8528-Views]
Maillon De Cartier Watch [7331-Views]
Kristina Fidelskaya A/W 2020 Collection Dream [7027-Views]
LG Prioritizes Home Comfort With Latest Air Conditioners for GCC Market [6347-Views]
Ralph Lauren Expands Its Earth Polo Offering, Reinforces Commitment to Protecting the Environment [5719-Views]
COVID-19 Triggers Marked Decline in Global Trade: UNCTAD [5617-Views]
UAE Banks Among Top Performing in GCC, KPMG Report Finds [5191-Views]
Made in Italy, ICSA Issues a Notification of Counterfeit Products Found in the Kingdom of Saudi Ara... [4649-Views]
HONOR MagicBook Series is Perfect for Fashion Forward, Design Conscious Individuals Across the Middl... [4432-Views]
Three Reasons Why the HUAWEI Mate Xs Has Redefined Foldable Phones [3628-Views]
Omega Announces Its Role as the Official Timekeeper of the 36th America's Cup [3042-Views]
 
RSS Facebook Twitter LinkedDin
 
Top Sections
 
Top Stories