Tick cybergang uses custom malware to target Japanese websites
May 3, 2016
Shah Sheikh (1294 articles)
Share

Tick cybergang uses custom malware to target Japanese websites

Symantec researchers spotted a cyberespionagegroup, dubbed “Tick,” spreading custom malware through compromised Japanese websites.

The group is believed to have been active since 2006 and primarily targets Japanese organizations such as large technology, engineering, and media firms in order to steal sensitive information, according to an April 28 Symantec blog post.

In its most recent string of attacks, the group compromised three different websites using a Flash exploit in order to mount watering hole attacks, researchers wrote.

Researchers said Tick also used spearphishing emails and an exploit for the Microsoft Office documents (CVE-2014-4114) vulnerability to distribute malware in addition to the watering hole activity.

The compromised sites infected users with the Gofarer.downloader which ultimately installed the Daserf Trojan, researchers said in the post.

Researchers said the group appears to be well organized with the funding to develop and update its malware.

Source | SCMagazine

Related articles

NIST Publishes New Security Standard For Encrypting Credit Card, Medical Info

NIST Publishes New Security Standard For Encrypting Credit Card, Medical Info

Pentagon Bug Bountry Program Attracks Strong Hacker Interest

Pentagon Bug Bountry Program Attracks Strong Hacker Interest

Beware!! Hackers Attack Government and Medical Organizations With COVID-19 RTF File

Beware!! Hackers Attack Government and Medical Organizations With COVID-19 RTF File