Hackers still using a Zero-Day Exploit ‘Elderwood’

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

According to Bulletin news  The new research by Symantec shows the attackers using an exploit kit known as “Elderwood” are more numerous and possibly better funded than anybody anticipated.

Elderwood is tracked since 2012 by Symantec, which concluded that the contained exploits had been used against defense-related companies, people involved in human rights campaigns and IT and supply-chain companies in the well-known “Operation Aurora” attacks.

“The attack groups are separate entities with their own agendas,” Symantec wrote in a blog post on Thursday.

The sub-group named “Hidden Lynx” targets the defense industry and Japanese users. “Vidgrab” prefers targeting Uyghur dissidents in the western region of China. Another group known as “Linfo” or “Icefog” goes after manufacturing firms, while “Sakurel” focuses on aerospace companies.

We know that creating attack code for those vulnerabilities is not cheap, so we realize that if hacking groups are purchasing the exploits from Elderwood’s developer, those organizations “must have substantial financial resources.”

Supposingthat all attacks related to Elderwood come from a larger group split into many teams, then “these employees are either being well compensated for their work or have some other motivating factor that prevents them from selling exploits on the open market themselves.

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply