Unit 42, Palo Alto Networks’ threat intelligence arm, has uncovered an ongoing cyber attack campaign targeting Russia and South Korea.
That only 14 samples of the Bisonal variant used in the current attack campaign have been collected by Unit 42 would suggest that it is being used rather sparingly, which, in turn, suggests it may well be a nation-state player using it. Indeed, large tracts of the original Bisonal malware code have been rewritten in the variant, both in how it handles network communication and in order to better maintain a persistent presence. Again, this is indicative of the kind of Advanced Persistent Threat (APT) campaign favoured by nation-state actors.