Submission + - DNS Hijacking Campaign Targets Intel, Military Organizations
Trailrunner7 writes: A highly capable and resourceful attack team has been targeting national security organizations, telecommunications providers, ISPs, and energy companies in the Middle East and Africa via a DNS-hijacking campaign that stretches back to at least January 2017. The group uses a variety of techniques to manipulate the DNS system and is responsible for the only known DNS registry compromise, as well as a number of other successful intrusions.
The attackers behind this campaign, known as Sea Turtle. have compromised more than 40 separate organizations over the course of the last two years and have shown the ability to use several different tactics to accomplish their goals, including exploiting known vulnerabilities in web applications, routers and switches, stealing SSL certificates to set up man-in-the-middle servers, and spoofing VPN apps to steal credentials. Researchers from the Cisco Talos Intelligence Group have been tracking the attackers and said in a new report the group is distinct from the team behind previous DNS-hijacking operations such as DNSpionage and likely has backing from a nation state.
The attackers behind this campaign, known as Sea Turtle. have compromised more than 40 separate organizations over the course of the last two years and have shown the ability to use several different tactics to accomplish their goals, including exploiting known vulnerabilities in web applications, routers and switches, stealing SSL certificates to set up man-in-the-middle servers, and spoofing VPN apps to steal credentials. Researchers from the Cisco Talos Intelligence Group have been tracking the attackers and said in a new report the group is distinct from the team behind previous DNS-hijacking operations such as DNSpionage and likely has backing from a nation state.
DNS Hijacking Campaign Targets Intel, Military Organizations More Login
DNS Hijacking Campaign Targets Intel, Military Organizations
Slashdot Top Deals