Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

September 24, 2019

Though Russia still has an undiversified and stagnant economy, it was one of the earliest countries in the world to realize the value of remotely conducted cyber intrusions.

In recent years, many Russian hacking groups have emerged as some of the most sophisticated nation-state actors in cyberspace, producing highly specialized hacking techniques and toolkits for cyber espionage.

Over the past three decades, many high-profile hacking incidents—like hacking the US presidential elections, targeting a country with NotPetya ransomware, causing a blackout in the Ukrainian capital Kiev, and the Pentagon breach—have been attributed to Russian hacking groups, including Fancy Bear (Sofacy), Turla, Cozy Bear, Sandworm Team and Berserk Bear.

Besides continuously expanding its cyberwar capabilities, the ecosystem of Russian APT groups has also grown into a very complex structure, making it harder to understand who’s who in Russian cyber espionage.

Now, to illustrate the big picture and make it easier for everyone to understand the Russian hackers and their operations, researchers from Intezer and Check Point Research have joined hands to release a web-based, interactive map that gives a full overview of this ecosystem.

Dubbed “Russian APT Map,” the map can be used by anyone to learn about the connections between different Russian APT malware samples, malware families, and threat actors—all just by clicking on nodes in the map.

“The [Russian APT] map is basically a one-stop-shop for anyone who is interested to learn and understand the connections and attributions of the samples, modules, families, and actors that together comprise this ecosystem,” researchers told The Hacker News.

“By clicking on nodes in the graph, a side panel will reveal, containing information about the malware family the node belongs to, as well as links to analysis reports on Intezer’s platform and external links to related articles and publications.”

At its core, the Russian APT Map is the result of comprehensive research where researchers gathered, classified and analyzed more than 2,000 malware samples attributed to Russian hacking groups, and mapped nearly 22,000 connections between them based on 3.85 million pieces of code they shared.

“Every actor or organization under the Russian APT umbrella has its own dedicated malware development teams, working for years in parallel on similar malware toolkits and frameworks. Knowing that a lot of these toolkits serve the same purpose, it is possible to spot redundancy in this parallel activity.”

The Russian APT Map also reveals that although most of the hacking groups were re-using their own code across their different tools and frameworks, no two groups were found using each other’s code.

“By avoiding different organizations re-using the same tools on a wide range of targets, they overcome the risk that one compromised operation will expose other active operations, preventing a sensitive house of cards from collapsing,” researchers say.

“Another hypothesis is that different organizations do not share code due to internal politics.”
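The connection mapping described above can be sketched as a code-reuse graph. This is an added example, not the researchers' code or method: the sample names, actor labels and byte strings are constructed, and hashing fixed-size sliding windows is an assumed, simplified stand-in for the "pieces of code" the article mentions.

```python
import hashlib
from itertools import combinations

WINDOW = 8  # bytes per code fragment (assumed granularity for this sketch)

def fragments(blob, window=WINDOW):
    """Fingerprint every sliding window so shared code matches at any offset."""
    return {hashlib.sha256(blob[i:i + window]).hexdigest()[:16]
            for i in range(len(blob) - window + 1)}

def build_connections(samples, min_shared=4):
    """Return one edge per sample pair sharing at least min_shared fragments."""
    prints = {name: fragments(s["code"]) for name, s in samples.items()}
    edges = []
    for a, b in combinations(sorted(samples), 2):
        shared = len(prints[a] & prints[b])
        if shared >= min_shared:  # threshold filters out coincidental overlap
            edges.append({
                "pair": (a, b),
                "shared": shared,
                "cross_actor": samples[a]["actor"] != samples[b]["actor"],
            })
    return edges

def cross_actor_edges(edges):
    """Edges that would indicate code shared between different groups."""
    return [e for e in edges if e["cross_actor"]]

# Constructed byte strings standing in for reused code; not real malware.
LOADER = b"\x55\x8b\xec\x83\xec\x10\x53\x56\x57\x33\xc0\x8b\xf1"
CRYPTO = bytes(range(0x40, 0x50))

# Constructed sample set: two hypothetical actors, two samples each.
SAMPLES = {
    "sample_a1": {"actor": "ActorA", "code": b"\x90\x90" + LOADER + b"\xc3"},
    "sample_a2": {"actor": "ActorA", "code": LOADER + b"\xcc\xcc\xcc"},
    "sample_b1": {"actor": "ActorB", "code": CRYPTO + b"\x01\x02"},
    "sample_b2": {"actor": "ActorB", "code": b"\xff" + CRYPTO},
}

if __name__ == "__main__":
    edges = build_connections(SAMPLES)
    for e in edges:
        print(e["pair"], "shared fragments:", e["shared"])
    print("cross-actor connections:", len(cross_actor_edges(edges)))
```

On this constructed data every edge stays inside one actor, which is the pattern the researchers report for the real sample set.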

To make it more efficient and up-to-date in the future, researchers have also open-sourced the map and the data behind it.

Besides this, researchers have also released a YARA rule-based scanning tool, dubbed “Russian APT Detector,” that anyone can use to scan a specific file, a folder, or a whole file system for infections by Russian hackers.


Credit: The Hacker News By: noreply@blogger.com (Wang Wei)
