
Davey Winder

delivering award-winning technology journalism since 1991


The Poseidon misadventure: inside a targeted attack group

Posted on February 11, 2016 By Davey Winder

This blackmail gang has been in operation for a decade, but only now has its attack methodologies come to light.

The Poseidon cyberespionage group has, according to researchers from the Kaspersky Global Research and Analysis Team (GReAT), been a player in the targeted malware business since at least 2005. In fact, there’s reason to believe that Poseidon could have been testing the malware water for a few years even before then. Poseidon is not a new threat actor, then; far from it. What it is, though, is a newly discovered threat actor. Although the individual malware samples it has used were detected over the years, the group customised each targeted attack so heavily that security researchers were prevented from joining the dots and linking seemingly disparate incidents. What the Kaspersky researchers have done is complete the picture and reveal a single and rather dangerous actor in the shape of Poseidon.

The Kaspersky GReAT researchers report how Poseidon posed as a legitimate security business, but one whose business model relied upon stealing data which could then be used to blackmail the victims into becoming clients of the security contracting outfit. This takes an old-school extortion racket concept and propels it into the cyber age. This shouldn’t really surprise anyone. After all, many DDoS attacks are actually just employing ‘protection racket’ tactics to extract cash from the victim. “Pay us an insurance policy and we won’t take your business offline madam” rings as true using a SYN flood as, “wouldn’t it be a shame if your stock got broken love,” does from a clumsy oaf with a hammer in a china shop.


Category: Cybercrime. Tags: APT, Blackmail, Cybercrime, Kaspersky, Research
