Kaspersky recently published research according to which a Chinese threat actor has developed new capabilities for targeting air-gapped systems in order to exfiltrate data, mostly sensitive information that is important for espionage.

The APT, also known as Goblin Panda or Cycldek, has an extensive toolset for stealing information from computer networks, which also includes many unknown custom tools used in attacks against government agencies in Vietnam, Thailand, etc.

The report's analysis reveals that it has two different variants, named BlueCore and RedCore, which share similarities in both code and infrastructure, while some exclusive features, such as a keylogger and an RDP logger, are found in RedCore only.

The malware is programmed to copy itself selectively to certain removable drives so that it can move laterally to other air-gapped systems each time the infected USB thumb drive is inserted into another machine.

 

To read more visit here:

https://securelist.com/cycldek-bridging-the-air-gap/97157/

 
