article thumbnail

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007. ru in its early years, but for a brief period in 2007 it appears this website was inadvertently exposing all of its file directories to the Internet. ru in 2008.

article thumbnail

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The attacks aimed at a Ministry of Health and a pharmaceutical company involved in the development of the COVID-19 vaccine.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. The APT group targeted organizations in various industries, including the aviation, gaming, pharmaceuticals, technology, telecoms, and software development industries.

article thumbnail

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing 100
article thumbnail

China-linked Winnti APT targets South Korean Gaming firm

Security Affairs

The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. The APT group targeted organizations in various industries, including the aviation, gaming, pharmaceuticals, technology, telecoms, and software development industries. a South Korean video game company.”

article thumbnail

German firms BASF, Siemens, Henkel hit by cyber attacks

Security Affairs

Recently Chronicle researchers while investigating the cyber attack that hit the Bayer pharmaceutical company in April spotted a Linux variant of the Winnti backdoor. The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007.

article thumbnail

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Security Affairs

The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. The APT group targeted organizations in various industries, including the aviation, gaming, pharmaceuticals, technology, telecoms, and software development industries.