Hackers still using a Zero-Day Exploit ‘Elderwood’


According to Bulletin news, new research by Symantec shows that the attackers using an exploit kit known as “Elderwood” are more numerous and possibly better funded than anybody anticipated.

Symantec has tracked Elderwood since 2012 and concluded that the exploits it contains had been used against defense-related companies, people involved in human rights campaigns, and IT and supply-chain companies in the well-known “Operation Aurora” attacks.

“The attack groups are separate entities with their own agendas,” Symantec wrote in a blog post on Thursday.

The sub-group named “Hidden Lynx” targets the defense industry and Japanese users. “Vidgrab” prefers targeting Uyghur dissidents in the western region of China. Another group known as “Linfo” or “Icefog” goes after manufacturing firms, while “Sakurel” focuses on aerospace companies.

We know that creating attack code for those vulnerabilities is not cheap, so if hacking groups are purchasing the exploits from Elderwood’s developer, those organizations “must have substantial financial resources.”

Supposing that all attacks related to Elderwood come from a larger group split into many teams, then “these employees are either being well compensated for their work or have some other motivating factor that prevents them from selling exploits on the open market themselves.”

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]
