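Publicly Disclosed Cyber Attacks by APT Hacker Groups, 2019-2020
An APT (advanced persistent threat) is a form of attack that uses sophisticated techniques to steal sensitive information without being detected. APT hacker groups target organizations and companies in sectors including government, defense, financial services, legal services, industry, telecommunications, consumer goods, and others.
APT attacks are carried out in distinct stages: target reconnaissance, penetration testing, bypassing security mechanisms, and stealing information. Experienced cybercriminals spend a great deal of time on persistent penetration testing of one specific target in order to gain access. They are also capable of developing custom malware that evades antivirus scanning and network intrusion detection.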
APT attacks in 2019
January
February
March
April
No. | Date | Report |
---|---|---|
1 | Apr/02 | OceanLotus Steganography |
2 | Apr/10 | Gaza Cybergang Group1, operation SneakyPastes |
3 | Apr/10 | Project TajMahal – a sophisticated new APT framework |
4 | Apr/10 | The Muddy Waters of APT Attacks |
5 | Apr/17 | DNS Hijacking Abuses Trust In Core Internet Service |
6 | Apr/17 | Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign |
7 | Apr/19 | “Funky malware format” found in Ocean Lotus sample |
8 | Apr/22 | FINTEAM: Trojanized TeamViewer Against Government Targets |
9 | Apr/23 | Operation ShadowHammer: a high-profile supply chain attack |
10 | Apr/24 | [legit remote admin tools turn into threat actors’ tools](https://e.cyberint.com/hubfs/Report Legit Remote Access Tools Turn Into Threat Actors Tools/CyberInt_Legit Remote Access Tools Turn Into Threat Actors' Tools_Report.pdf) |
11 | Apr/30 | SectorB06 using Mongolian language in lure document |
May
June
July
August
September
October
November
December
2020 attack list
January
No. | Date | Report |
---|---|---|
1 | Jan/01 | [WeiXin] Pakistan Sidewinder APT Attack |
2 | Jan/06 | First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT |
3 | Jan/07 | [Destructive Attack: DUSTMAN](https://github.com/blackorbird/APT_REPORT/blob/master/International Strategic/Iran/Saudi-Arabia-CNA-report.pdf) |
4 | Jan/07 | Iranian Cyber Response to Death of IRGC Head Would Likely Use Reported TTPs and Previous Access |
5 | Jan/08 | Operation AppleJeus Sequel |
6 | Jan/09 | The State of Threats to Electric Entities in North America |
7 | Jan/13 | APT27 ZxShell RootKit module updates |
8 | Jan/13 | Reviving MuddyC3 Used by MuddyWater (IRAN) APT |
9 | Jan/16 | JhoneRAT: Cloud based python RAT targeting Middle Eastern countries |
10 | Jan/31 | Winnti Group targeting universities in Hong Kong |
February
No. | Date | Report |
---|---|---|
1 | Feb/03 | Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations |
2 | Feb/10 | Outlaw Updates Kit to Kill Older Miner Versions, Targets More Systems |
The lists above cover APT attacks from 2019-2020; they will continue to be updated as new attacks are reported.