Davey Winder

delivering award-winning technology journalism since 1991


The Poseidon misadventure: inside a targeted attack group

Posted on February 11, 2016 By Davey Winder

This blackmail gang has been in operation for a decade, but only now has its attack methodologies come to light.

The Poseidon cyberespionage group has, according to researchers from the Kaspersky Global Research and Analysis Team (GReAT), been a player in the targeted malware business since at least 2005. In fact, there’s reason to believe that Poseidon could have been testing the malware water for a few years even before then. Poseidon is not a new threat actor then, far from it. What it is, though, is a newly discovered threat actor. Although the individual malware samples it has used were detected over the years, each targeted attack was so highly customised that security researchers were prevented from joining the dots and linking seemingly disparate incidents. What the Kaspersky researchers have done is complete the picture and reveal a single and rather dangerous actor in the shape of Poseidon.

The Kaspersky GReAT researchers report how Poseidon posed as a legitimate security business, but one whose business model relied upon stealing data which could then be used to blackmail the victims into becoming clients of the security contracting outfit. This takes an old-school extortion racket concept and propels it into the cyber age. This shouldn’t really surprise anyone. After all, many DDoS attacks are actually just employing ‘protection racket’ tactics to extract cash from the victim. “Pay us an insurance policy and we won’t take your business offline madam” rings as true using a SYN flood as, “wouldn’t it be a shame if your stock got broken love,” does from a clumsy oaf with a hammer in a china shop.

Cybercrime Tags:APT, Blackmail, Cybercrime, Kaspersky, Research
