APT Hides Among an Emerging Threat Land Grab

December 31, 2022

The APT, or Advanced Persistent Threat, is the latest class of cyber threat active in our environment, and it is currently known to affect computers around the world. Its range of capabilities makes it a potentially formidable threat. Its popularity is increasing, and its presence threatens to become a major problem for many organizations. But how can you keep it out of your network? Read on to learn how APT groups hide among an emerging threat land grab.

APT38

APT38 is a North Korean state-sponsored threat group responsible for a series of cyber heists that stole millions of dollars from banks around the world. The threat actor has also been linked to the theft of millions of dollars from crypto exchanges.

APT38 is known for its ability to steal money through a series of fraudulent transactions on the SWIFT banking transaction system. APT38 has almost continuously targeted financial institutions worldwide. These attacks are characterized by long-term access to, and destruction of, victim networks. In fact, APT38 was known to remain on a target network for at least 155 days.

APT35

APT35 is a threat actor linked to the Iranian government and has been a major cyber threat in the past decade. Its activities range from internet-based spying to long-term operations. APT35 targets government and private organizations, including military, media, and academia. It typically targets diplomatic personnel, U.S. government agencies, energy, transport and telecom sectors, and engineering services.

APT35 has been responsible for numerous cyber attacks around the globe. Its main tools include malware loaders, backdoors, keyloggers, browser information stealers and Trojans. It also relies on penetration testing tools.

APT31

The Chinese state-sponsored cyber espionage group APT31 has been observed hijacking home routers. Researchers have also observed the threat actors exfiltrating data from infected networks. The threat group has also been linked to the APT20 espionage campaign, which appears to be interested in monitoring political interests.

The APT31 threat group targets various organizations in several sectors. It primarily focuses on obtaining information for the Chinese government.

The group has been detected leveraging a variety of tools, including custom malware, downloaders, backdoors, network reconnaissance, network exploitation, and proxy meshes. This allows the operators to leverage their botnets, which relay both malicious traffic and stolen data.

APT32

APT32 is a threat group that targets private, public, and government sector organizations in Southeast Asia and China. It uses a range of techniques including signature malware payloads, custom tooling, and commercially available tools. The malware used by APT32 has the capability to penetrate a host computer and inject itself into memory.

In 2015 and 2016, FireEye detected APT32 activities, including a malware attack on Vietnamese media outlets. In addition, the Electronic Frontier Foundation appeared to be a victim of APT32’s clandestine data collection activity.

APT32 is a Vietnam-based threat group that conducts covert cyber-espionage. It targets a wide range of sectors, from journalists and human rights activists to large multinational corporations.

APT14

Among the growing land grab of emerging threats, one threat actor is avoiding detection. The threat, known as APT14, has been targeting organizations in a variety of industries. The group focuses on technology companies, satellite communications, and telecommunications firms.

The malware, referred to by security researchers as PowerPool, uses PowerShell to perform lateral movement. In addition, the group changes DNS configuration and then redirects traffic to malicious apps disguised as legitimate sites. The attackers use previously unknown (zero-day) exploits to launch spear-phishing attacks on targeted individuals.
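The DNS configuration change described above is something a defender can detect by comparing each host's configured resolvers against the approved set. The following Python script is an added example, not code from the original post or from any security vendor: the approved resolver addresses and the host snapshots are constructed for illustration, and the resolv.conf-style format is assumed as the collection format.

```python
import ipaddress
from typing import Dict, List, Set

# Approved corporate resolvers (constructed values for this example).
APPROVED_RESOLVERS = {"10.0.0.53", "10.0.1.53"}

# Constructed resolv.conf-style snapshots collected from three hosts. Host
# "ws-07" has had an unknown resolver prepended, the kind of change that lets
# an attacker redirect traffic to look-alike sites.
SNAPSHOTS = {
    "ws-05": "search corp.example\nnameserver 10.0.0.53\nnameserver 10.0.1.53\n",
    "ws-06": "nameserver 10.0.1.53\n",
    "ws-07": "nameserver 203.0.113.9\nnameserver 10.0.0.53\n",
}


def parse_resolvers(resolv_conf: str) -> List[str]:
    """Return the nameserver entries of a resolv.conf-style text, in order."""
    servers = []
    for line in resolv_conf.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                servers.append(str(ipaddress.ip_address(parts[1])))
            except ValueError:
                servers.append(parts[1])  # keep malformed values so they get flagged
    return servers


def find_resolver_drift(snapshots: Dict[str, str], approved: Set[str]) -> Dict[str, List[str]]:
    """Map host -> resolvers not in the approved set; hosts with no drift are omitted."""
    drift = {}
    for host, text in snapshots.items():
        unexpected = [s for s in parse_resolvers(text) if s not in approved]
        if unexpected:
            drift[host] = unexpected
    return drift


if __name__ == "__main__":
    for host, bad in find_resolver_drift(SNAPSHOTS, APPROVED_RESOLVERS).items():
        print(f"{host}: unapproved resolver(s) {bad}")
```

Because the resolver list is ordered, the first entry is the one the host actually queries, so an unapproved address at position zero deserves the highest priority when triaging the output.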

Ammar Fakhruddin

ABOUT AUTHOR

Ammar brings 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real-world business and data problems by bringing in leading-edge solutions that are cost effective and improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.
