越南人權組織遭駭客OceanLotus鎖定攻擊,入侵超過4年
支付動態 · 2024-09-03
研究人員在越南人權組織的電腦,發現駭客組織OceanLotus的活動,他們在4臺電腦找到相關蹤跡,駭客設定工作排程,從而持續在受害電腦持續活動
另一臺電腦駭客則是前述攻擊的一個半月後開始活動,對方利用WMI遠端執行命令,並濫用電子書管理軟體Calibre主程式執行惡意DLL程式庫。而駭客在這臺電腦進行名稱管道冒充攻擊不久,又對第3臺電腦下手,透過Cobalt Strike建立工作排程,使用SYSTEM帳號從事攻擊行為。
研究人員循線清查是否有其他電腦受害,結果找到另一臺駭客設置在開機啟動Calibre的電腦,駭客設置了3個偽裝成微軟及Adobe更新的工作排程,但實際用途是定期與遠端的IP位址及Cobalt Strike主機連線。數個月後,駭客進行偵察,從而部署Node.js執行檔,目的是執行惡意延伸套件。
Popular articles
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
Indiana online casino bill stalls in House committee
Regulation
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Kazakhstan plans to penalise online casino promotions
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
British gambling levy rates confirmed for each vertical
Regulation
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
