High-profile Hackers are Independent Groups Targeting Corporate Secrets for
According to new research from the largest U.S. security software vendor, Symantec Corp, the group appears to be among the few that display significant talent without backing from a national government.
American companies have so far been the most popular victims for Morpho, with at least 17 companies attacked in the U.S. Meanwhile, 12 European and four Canadian companies have also been targeted.
Vikram Thakur, senior manager at Symantec, indicated that several of these groups are being tracked and their methods analysed.
The group, which security researchers from Kaspersky Lab and Symantec call Wild Neutron or Morpho, has broken into the networks of over 45 large companies since 2012.
FIN4 is known to have less technical skill but uses knowledge of the investment banking world and strong social engineering, or trickery, to harvest email credentials and discover material financial information.
Morpho used a “watering hole” approach, infecting websites that were likely to attract employees of its targets as visitors. The hacking collective has been known to target iPhone developers as well as the pharmaceutical and aviation industries.
Initially, it was thought that China was behind these attacks, but as it turns out, Apple stated that no data was stolen from these breaches.
Following this flurry of publicity, the Morpho group slipped back into the shadows.
After the 2013 attacks against Twitter, Facebook, Apple and Microsoft were highly publicized, the group went underground and temporarily halted its activity. The use of encryption to hide where they’ve stored stolen information also makes the job of law enforcement more challenging.
On its blog, Symantec explains, “Morpho is a disciplined, technically capable group with a high level of operational security”. Symantec reports on its site that, as seen on the map above, a third of the cyberattacks were on companies based in the US; Europe and Canada came in second and third.

Thakur adds that the Morpho group has around 10 members, some of whom have a good command of English, while one of them may even have worked at an intelligence agency.

The Federal Bureau of Investigation declined to comment when asked by Reuters, while all the tech companies also declined to discuss the research or any implications. Symantec is aware of 49 organisations that have been breached by Morpho since 2012, with numbers rising each year.

Symantec noted, however, that Morpho has since developed an arsenal of custom hacking tools, called Securetunnel, Bannerjack and Eventlog, which, respectively, send C2 server information to infected computers; retrieve default messages issued by Telnet, HTTP and generic TCP servers; and parse event logs for attackers.