North Korean-backed 'Sharpshooter' cyber attacks still on: Report

North Korean-backed 'Sharpshooter' cyber attacks still on: Report

Published
Hot News
2 min read
McAfee logo.
San Francisco, March 4 (IANS) A global cyber espionage campaign, known as Operation Sharpshooter, started a year earlier than previously thought and is still ongoing, say security researchers, adding that a group linked to North Korea could be behind the campaign.
The findings were revealed after researchers at US-headquartered global cybersecurity firm McAfee got a rare opportunity to examine the code and data from a command-and-control server responsible for the management of the operations, tools and tradecraft behind this global cyber espionage campaign.
McAfee on Sunday said the command-and-control server code was provided by a government entity.
"Access to the adversary's command-and-control server code is a rare opportunity. These systems provide insights into the inner workings of cyberattack infrastructure, are typically seized by law enforcement, and only rarely made available to private sector researchers," Christiaan Beek, McAfee Senior Principal Engineer and Lead Scientist, said in a statement.
McAfee first uncovered Operation Sharpshooter in December 2018.
The new analysis suggests that the campaign began as early as September 2017 -- approximately a year earlier than previously evidenced -- and is still ongoing.
Analysis of the new evidence has exposed striking similarities between the techniques used in the Sharpshooter attacks and aspects of multiple other groups of attacks attributed by the industry to the Lazarus Group, McAfee said.
The Lazarus Group is linked to North Korea which was blamed for the 2016 Sony hack and the WannaCry ransomware outbreak in 2017 among other attacks on global businesses.
The Sharpshooter attacks appear to now focus primarily on financial services, government and critical infrastructure, McAfee said, adding that the largest number of recent attacks primarily target Germany, Turkey, Britain and the US.
Previous attacks focused on telecommunications, government and financial sectors, primarily in the US, Switzerland, Israel and others, it added.
--IANS
gb/bg

(This story was auto-published from a syndicated feed. No part of the story has been edited by The Quint.)

(This story was auto-published from a syndicated feed. No part of the story has been edited by The Quint.)

(The Quint is available on Telegram. For handpicked stories every day, subscribe to us on Telegram)

We'll get through this! Meanwhile, here's all you need to know about the Coronavirus outbreak to keep yourself safe, informed, and updated.

Liked this story? We'll send you more. Subscribe to The Quint's newsletter and get selected stories delivered to your inbox every day. Click to get started.

The Quint is available on Telegram & WhatsApp too, click to join.

Stay Updated

Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.

Join over 120,000 subscribers!