Kaspersky recently published research according to which a Chinese threat actor has developed new capabilities to target air-gapped systems and steal data, mostly sensitive information valuable for espionage.

The APT, also known as Goblin Panda or Cycldek, has an extensive toolset for stealing information in computer networks, which also includes many unknown custom tools used in attacks against government agencies in Vietnam, Thailand, etc.

The report's analysis reveals that it has two different variants, named BlueCore and RedCore, which share similarities in both code and infrastructure, while some exclusive features such as a keylogger and an RDP logger are found only in RedCore.

The malware is programmed to copy itself selectively to certain removable drives so that it can move laterally to other air-gapped systems each time the infected USB thumb drive is inserted into another machine.

 

To read more, visit:

https://securelist.com/cycldek-bridging-the-air-gap/97157/

 


By Siddhant Pathak

Cyber security architect, 7+ years of experience in the cyber security industry, tech-savvy, nature lover, Bullet 350 rider
