The FBI has sent a security alert to the US private sector highlighting a hacking campaign targeting supply chain software providers. Hackers are attempting to infect companies with the Kwampirs malware, which has also been deployed in attacks against companies in the healthcare, energy, and financial sectors. It has now evolved to target companies in the ICS sector, especially the energy sector.
“The @FBI says hackers are attempting to infect companies with the Kwampirs malware, a remote access trojan (RAT).” @ZDNet #SoftwareSupplyChain #CyberSecurity #SupplyChainCyberSecurity #Malware #RemoteAccessTrojan https://t.co/WDF659QFB9
— Christina Ayiotis (@christinayiotis) February 11, 2020
Expert Comments
Kwampirs is a backdoor Trojan that provides attackers with remote access to a compromised computer.
It’s concerning, but not altogether surprising, that according to the FBI, the Kwampirs malware is being used against supply chain software companies. Kwampirs is a backdoor Trojan that provides attackers with remote access to a compromised computer. Once inside a victim’s network, the malware propagates aggressively, such as by copying itself over network shares. In the past, Kwampirs was used to target companies in the healthcare sector. We have seen that malicious actors will use...
One of the most effective is to add specially tagged synthetic identities to confidential datasets.
Data breaches frequently happen because there’s a security failure at a supply chain partner. It’s not unusual for the breach to occur some way down the chain - maybe three or four levels removed from your own organisation. In truth the more partner connections you have the greater your digital risk profile, exposing you to threats beyond the network perimeter that you are powerless to control.
In today’s complex digital ecosystems, confidential data is routinely shared between...
The similarities between Kwampirs and Shamoon are particularly concerning, given that the latter is linked to APT33.
The similarities between Kwampirs and Shamoon are particularly concerning, given that the latter is linked to APT33, which has recently set its sights on ICS targets. The targeting of the software supply chain vendors is consistent with APT33's modus operandi of compromising individuals with one or two degrees of separation from the ultimate target. Owners and operators of critical infrastructure, especially in the oil and gas sector, should be vigilant of their communications with these third...