Bronze Union cyber-attack syndicate from China hacked for weapons technologies

Bronze Union a cyber attack syndicate is reported to have tried capturing details online about advanced weapons technologies while also spying on civilian groups in addition to dissidents. The syndicate most recently utilized exploits for scanning data, phishing schemes, as well as watering hole methodologies for attacking organizations and compromising their networks, said researchers in an interview to Threatpost.

Using other handles viz., APT 27, LuckyMouse and Emmissary Panda, the threat syndicate believably has its base chiefly in China while its main activity is gathering military and political secrets, state the researchers belonging to threat overcoming wing of Secureworks the security company which has been keenly watching the syndicate from 2013. Bronze Union understandably hacked into one data-collating firm of some Central Asian nation-state whose government websites it compromised along with leveraging routers for executing its operations. Last year, evidence cropped up before SecureWorks that the threat syndicate was utilizing sophisticated attack tools which since years had been freely obtainable.

Secureworks' senior security researcher Matthew Webster told Threatpost that conventionally Bronze Union extensively employed watering hole methodologies involving hacking into a particular website followed with serving malware to people visiting that site. For site visitors of one particular demographic, the watering hole methodology works very well. Previously, there was clue of the syndicate employing the methodology for attacking prominent Turkish organizations, just as during 2018, it was found applying the methodology similarly inside Mongolia, Webster reported. Threatpost.com posted this, February 27, 2019.

Furthermore according to the researchers, they feel the threat syndicate utilizes loosely grouped workflows and processes for their operations; however, maintains knowledge of a large variety of techniques as well as tools. Consequent of this flexibility the syndicate manages surmounting challenges and barriers that come with hacking.

Secureworks suggests in consideration of the threat syndicate's flexibility and extreme alternatives of its attack techniques that organizations with high-risk probabilities should deploy security technologies for their endpoint and network nodes to detect problematic activities instead of identifying just the known malicious programs/attack infrastructures. More specifically, if Bronze Union was to attack any organization, that organization would require enforcing risk management approaches and security controls as safeguards.

» SPAMfighter News - 3/4/2019