Symantec Identifies Malware Targeting Energy Companies in Leading Nations

Betanews.com reported on 30th June, 2014 that researchers at security firm Symantec recently discovered malware that targets big energy companies in many countries around the world.

Symantec elaborates that a group of attackers known as "Dragonfly" is conducting a cyber-espionage campaign in the United States, Spain, France, Italy, Germany, Turkey and Poland using two pieces of malware, Backdoor.Oldrea and Trojan.Karagany, with Oldrea apparently the main tool in the attacks.

Betanews.com reported on 30th June, 2014, quoting Symantec: "Once Oldrea is installed in the victim's computer, it gathers details, directory of files and programs installed and source of available drives. It will also remove data from the computer's Outlook address book and VPN configuration files, which is then written to a temp file in an encrypted format prior to being sent to a remote command-and-control (C&C) server controlled by scammers. Karagany is capable of uploading stolen information, downloading new-fangled files and running executable files on a tainted computer. It is also capable of running supplementary plug-ins like tools for password collection, taking screenshots and cataloging documents on infected machines."

The researchers said that this malware is similar to Stuxnet, a virus believed to have been developed by the United States or Israel to restrain threats from Iran.

Securityweek.com published news on 30th June, 2014, quoting Symantec's comment on the campaign: "Dragonfly bears the hallmarks of a state-sponsored operation displaying a high degree of technical capability."

Symantec added that the group's main motive seems to be cyber-espionage and that it also has some capacity for sabotage.

Symantec said that Dragonfly, also called Energetic Bear, seems to be operating from Eastern Europe based on the hours of activity of those involved.

Officials in the US and other countries have expressed growing concerns about cyberattacks in recent months which could paralyse important infrastructure systems like power grids, dams or transportation systems.

Symantec's analysis also confirms findings of F-Secure that websites of three ICS software vendors were compromised and the download files were Trojanized. One of the products provided VPN access to programmable logic controller (PLC) devices.

» SPAMfighter News - 7/5/2014
