
Kaspersky - Blue Termite APT Targets Japanese Organisation

Kaspersky, a security firm, has recently found that Blue Termite, a cyber-espionage campaign, has been targeting hundreds of organisations in Japan for at least two years. The attackers search for confidential information and use a zero-day Flash Player exploit and a sophisticated backdoor that is tailored for each victim. According to Kaspersky, this is the first campaign it knows of that is strictly focused on Japanese targets, and it is still active.

Researchers at Kaspersky Lab came across a malware sample in October 2014 that had never been seen before and that stood out from others due to its complexity. Analysis has since revealed that this sample is only one part of a large and sophisticated cyber-espionage campaign.

The list of targeted industries includes heavy industry, government organisations, chemical, financial, media, satellite, medical, educational institutes and the food industry, along with others. According to the results of the investigation, the campaign has been active for around two years.

Kaspersky notes that operators of Blue Termite utilize many techniques to infect their victims.

Prior to July 2015, the operators mostly used spear-phishing emails, sending malicious software as an attachment together with email content that was expected to attract the victim.

But in July 2015, Blue Termite placed the Hacking Team exploit on numerous hijacked Japanese websites and began distributing its malware through drive-by-download attacks. This change in tactics resulted in a significant increase in infection rates.

In a few cases, the attackers took steps to make sure that only certain users' computers would be infected with their malware. A well-known member of the Japanese government was attacked through one of the hacked sites. In another case, the group employed a script to make sure that only visitors reaching the compromised site from the IP addresses of a specific Japanese enterprise would be served the malware.

Blue Termite has been using custom-made malware from the infamous Emdivi family to steal data from victims.

Kaspersky said that one of the most interesting things about the malware employed by the Blue Termite actor is that each victim receives a unique malware sample, built in such a way that it can only be launched on the particular PC the Blue Termite actor has targeted.

» SPAMfighter News - 8/31/2015
