‘Get rich or die trying’ – Check Point Researchers Uncover International Cyber Attack Campaign
‘Get rich or die trying’ – Check Point Researchers Uncover International Cyber Attack Campaign
  • monica
  • 승인 2017.08.15 22:00
  • 댓글 0
이 기사를 공유합니다

SAN CARLOS, Calif., Aug. 15, 2017 (GLOBE NEWSWIRE) -- Check Point® Software Technologies Ltd. (NASDAQ:CHKP) has today revealed the identity of the criminal behind a series of what appeared to be state-sponsored cyberattacks targeting over 4,000 companies in the energy, mining and infrastructure sectors.

The campaign started in April 2017, and has targeted some of the largest international organizations in the oil & gas, manufacturing, banking and construction industries.  The global scale of the campaign and the organizations targeted suggest an expert gang or state-sponsored agency is behind it:  but the campaign is the work of a lone Nigerian national in his mid-20s, living near the country’s capital.  On his Facebook account, he uses the motto:  ‘get rich or die trying’.

His attack campaign used fraudulent emails which appear to originate from oil and gas giant Saudi Aramco, the world’s second largest daily oil producer, targeting financial staff within companies to trick them into revealing company bank details, or open the email’s malware-infected attachment. 

He used NetWire, a remote access Trojan which allows full control over infected machines, and Hawkeye, a keylogging program.  The campaign has resulted in 14 successful infections, earning the criminal thousands of dollars in the process.

Maya Horowitz, Threat Intelligence Group Manager for Check Point said:  “Even though this individual is using low-quality phishing emails, and generic malware which is easy to find online, his campaign has still been able to infect several organizations and target thousands more worldwide.  It shows just how easy it is for a relatively unskilled hacker to launch a large-scale campaign that successfully breaches the defenses of even large companies, enabling them to commit fraud.”

“This emphasizes the need for organizations to improve their security to protect against phishing or business email compromise scams, and to educate employees to be cautious about opening emails, even from companies or individuals that they recognize.”

Since uncovering the campaign and establishing its origins, Check Point’s research team has notified law enforcement authorities in Nigeria and internationally and shared its findings with them.

Business Email Compromise (BEC) attacks have increased dramatically over the past 18 months.  The FBI reported a 270% increase in victims since the start of 2016, costing organizations globally over US $3 billion from 2013 to 2016, and estimates that BEC victims lose $50,000 on average.

The Check Point Anti-Spam & Email Security Software Blade protects customers from falling victim to such scams.  Its multidimensional approach protects email infrastructure, provides highly accurate anti-spam coverage, and defends organizations from a wide variety of virus and malware threats delivered by email.  In addition, SandBlast™ Agent with Zero Phishing™ technology protects organizations from new and unknown phishing sites, as well as from threats contained in documents and links within emails.

For more information about the techniques used by the individual to target organizations, visit: http://blog.checkpoint.com/2017/08/15/get-rich-die-trying-case-study-real-identity-behind-wave-cyberattacks-energy-mining-infrastructure-companies/

Follow Check Point via:
Check Point Blog: http://blog.checkpoint.com/
Twitter: http://www.twitter.com/checkpointsw
Facebook: http://www.facebook.com/checkpointsoftware
YouTube: http://www.youtube.com/user/CPGlobal
LinkedIn: https://www.linkedin.com/company/check-point-software-technologies

About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is the largest network cybersecurity vendor globally, providing industry-leading solutions and protecting customers from cyberattacks with an unmatched catch rate of malware and other types of threats. Check Point offers a complete security architecture defending enterprises – from networks to mobile devices – in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes.  

CONTACT: Investor Contact
Kip E. Meintzer
Check Point Software Technologies 
+1.650.628.2040 
ir@checkpoint.com  

Media Contact
Ali Donzanti
Check Point Software Technologies
+1 650.628.2030  
press@checkpoint.com 

댓글삭제
삭제한 댓글은 다시 복구할 수 없습니다.
그래도 삭제하시겠습니까?
댓글 0
댓글쓰기
계정을 선택하시면 로그인·계정인증을 통해
댓글을 남기실 수 있습니다.

  • Korea IT Times: Copyright(C) 2004, Korea IT Times. .Allrights reserved.
  • #1206, 36-4 Yeouido-dong, Yeongdeungpo-gu, Seoul, Korea(Postal Code 07331)
  • 서울특별시 영등포구 여의도동 36-4 (국제금융로8길 34) / 오륜빌딩 1206호
  • * Mobile News: m.koreaittimes.com
  • * Internet news: www.koreaittimes.com
  • * Editorial Div. 02-578-0434 / 010-2442-9446 * PR Global/AD: 82-2-578-0678.
  • * IT Times Canada: Willow St. Vancouver BC
  • 070-7008-0005
  • * Email: info@koreaittimes.com
ND소프트