California-headquartered global cybersecurity company Symantec said it has identified the group behind a recent series of cyber attacks designed to gather intelligence from Pakistan, Turkey, Russia, Saudi Arabia, Afghanistan, Jordan and some regions in Europe and North America.
The group, dubbed Seedworm or MuddyWater, is likely operating out of Middle East, and probably backed by a nation-state for targeted cyber espionage purposes, according to a Symantec investigation.
Seedworm has been operating since at least 2017, with its most recent activity observed in December 2018, Symantec's DeepSight Managed Adversary and Threat Intelligence (MATI) team said in a blog post on Tuesday.
The researchers found a GitHub repository used by the group to store their scripts, as well as several post-compromise tools the group uses to exploit victims once they have established a foothold in their network.
"In September 2018, we found evidence of Seedworm and the espionage group APT28 (aka Swallowtail, Fancy Bear), on a computer within the Brazil-based embassy of an oil-producing nation," said the Symantec researchers.
Access to the victim's email, social media, and chat accounts is one of the group's likely goals, according to the researchers.
"Since its existence first came to light, we've seen Seedworm modify the way it operates. Since early 2017, they have continually updated their Powermud backdoor and other tools to avoid detection and to thwart security researchers analysing the tools," the blog post said.
"They've also used GitHub to store malware and a handful of publicly available tools, which they then customise to carry out their work," it added.
The researchers analysed data on 131 victims that were compromised by Seedworm's Powermud backdoor from late September to mid-November 2018.
The telecommunications and IT services sectors were their main targets, the next most common group of victims was in the oil and gas sector, followed by universities and embassies, the findings showed.
--IANS
gb/sed
Disclaimer: No Business Standard Journalist was involved in creation of this content
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app