
Author: aaa
Published: 2017/1/12 4:53:18
Kaspersky: True Identity of the Hacker Groups That Attacked the United States Is Hard to Uncover


Kaspersky Lab, the well-known Russian information security company, told a Xinhua reporter on the 11th that the hacker groups code-named "Cozy Bear" and "Fancy Bear" did attack the network of the United States Democratic Party, but that it is very hard to establish who the hackers behind the attacks actually are.

In its reply to the reporter, Kaspersky Lab's press office said the company did not take part in the investigation of the attack on the Democratic Party's network. Its experts learned that "Cozy Bear" and "Fancy Bear" had carried out those attacks after analyzing a series of network security incidents.

Kaspersky Lab said it began tracking the two groups' destructive activity on the Internet in 2014. In April 2015 Kaspersky published its first bulletin on "Cozy Bear" activity, stating that the group was deliberately launching cyber-attacks on some United States government bodies, possibly including the White House and the Chinese State Council.

In the July 2015 security bulletin that Kaspersky Lab provided, the reporter saw that "Cozy Bear" typically sends an e-mail to the office computers it intends to attack. The e-mail carries a video file containing malware, named "Office monkeys video.zip". When users open the file they see funny footage of monkeys, and at the same time the malware is automatically downloaded to the computer. When a user then shares the video with colleagues, the malware keeps infecting other office computers like a plague. Using this kind of phishing deception, "Cozy Bear" has attacked government agencies and commercial companies in the United States, Germany, South Korea and Uzbekistan.

Kaspersky Lab predicts that "Fancy Bear" and other hacker groups will continue to trick users with fabricated program resources as bait and then steal their information. The stolen information may be used for blackmail, or to fabricate and embellish stories, manipulate public opinion and create social chaos, shifting public attention from the attack itself to the content of the stolen information that has been leaked.

"Fancy Bear" posted messages several times in September 2016, disclosing the names of dozens of athletes from different countries whom the World Anti-Doping Agency had approved to take banned substances. According to US and Russian media reports, "Fancy Bear" and "Cozy Bear" also go by two other code names, APT28 and APT29 respectively. In a recently published report, United States intelligence services said that the hacker groups code-named APT28 and APT29 breached the data systems of a United States political party in the summer of 2015 and the spring of 2016 respectively.

Kaspersky Lab also said that confirming who actually launched a given attack is very difficult: hackers usually leave false traces online on purpose to make trouble for those tracking them, so that investigators struggle to find the right direction. "Kaspersky Lab therefore believes that the task of investigating the hackers' identity should be left to law enforcement agencies. Kaspersky Lab will concentrate on studying the hacker groups' techniques and the dangers they pose."






