Kaspersky Lab discovered an attack on US government

[konstvl]

Kaspersky Lab published a report on a new cyber espionage campaign, the main objectives of which were US organizations and government departments.

In addition to having such high-profile goals, the operation is also interesting from a technical point of view. It is noted that the CozyDuke campaign has encryption and anti-detection capabilities - in other words, the malicious code “learns” a number of security products, in particular Kaspersky Lab, Sophos, DrWeb, Avira, Crystal and Comodo Dragon, in order to avoid their recognition by them. Attackers use powerful malware in terms of features. At the same time, the structure and set of tools used allow us to suggest a connection between the campaign and such sensational cyber espionage operations as MiniDuke, CosmicDuke and OnionDuke, which, in all likelihood, are Russian-speaking creators.

As part of CozyDuke, attackers use targeted phishing techniques: they send emails with a link to a hacked site (sometimes owned by official agencies, for example, diplomacy.pl), which contains a ZIP archive with malware. Attackers can also send fraudulent flash videos containing executable malicious code as attachments to emails.
[DLMURL] https://gubbank.ru/2015/04/24/kaspersky_lab_obnaruzhila_ataku_na_gosvedomstva_ssha_110207/ [/ DLMURL]

 

[Матушкин Андрей Николаевич]

Thank.

 

[Плотников Юрий Михайлович]

Thank!

 

[STALKER]

Why I don’t know, but I’m sure that it’s Russian hackers) naughty)

 

[Матушкин Андрей Николаевич]

Why I don’t know, but I’m sure that it’s Russian hackers) naughty)

Why so?
Can the Chinese.