Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Ambitious Attacks Against High Level Targets Continue

Symantec Threat Intelligence: Thrip: Ambitious Attacks Against High Level Targets Continue

Since Symantec first exposed the Thrip group in 2018, the stealthy China-based espionage group has continued to mount attacks in South East Asia, hitting military organisations, satellite communications operators, and a diverse range of other targets in the region.

The group has attacked at least 12 organisations, all located within South East Asia. Its targets have been located in Hong Kong, Macau, Indonesia, Malaysia, the Philippines, and Vietnam.

A diverse range of targets have been attacked over the past year, most notably military targets in two different countries. It has also attacked organisations in the maritime communications, media, and education sectors.

One of the most alarming discoveries we made in our original Thrip research was that the group had targeted a satellite communications operator and seemed to be interested in the operational side of the company, looking for and infecting computers running software that monitored and controlled satellites. Significantly, Thrip has continued to target organisations in the satellite communications sector, with evidence of activity dating to as recently as July 2019.

Much of this recent activity was uncovered by Symantec following the discovery of a Thrip tool, a backdoor called Hannotog which appears to have been used since at least January 2017. It was first detected in an organisation in Malaysia, where it triggered an alert for suspicious WMI activity with our Targeted Attack Analytics (TAA) technology, available in Symantec Endpoint Detection and Response (EDR).


Figure 1. Hannotag was first discovered when it triggered a Targeted Attack Analytics (TAA) alert for suspicious WMI activity

To read the full report please visit https://www.symantec.com/blogs/threat-intelligence/thrip-apt-south-east-asia


ends

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Reserve Bank: Ongoing Monetary Tightening
The Monetary Policy Committee today increased the Official Cash Rate (OCR) to 3 percent from 2.5 percent. The Committee agreed it remains appropriate to continue to tighten monetary conditions... More>>



Statistics: Weekly Earnings Rise As More In Full-time Employment

Median weekly earnings from wages and salaries rose by 8.8 percent to $1,189 in the year to the June 2022 quarter, Stats NZ said today... More>>



Bell Gully: Uncertainty Ahead With New Unconscionable Conduct Legislation

new prohibition against ‘unconscionable conduct’ in trade is one of a number of changes to the Fair Trading Act 1986 that come into force from 16 August 2022. The new prohibition may have wide-ranging implications for many businesses... More>>


Electricity Authority: Imposes Interim Restrictions On Very Large Electricity Contracts

Consumers of electricity will be protected from potentially paying more than they should due to the impact of very large electricity contracts on wholesale prices, under urgent changes announced today by the Electricity Authority... More>>


Westpac: Economic Overview, August 2022 – Pushing Through

The New Zealand economy faces some lean growth in the year ahead as households’ budgets are squeezed, according to Westpac’s latest Economic Overview... More>>


Kiwi Group Holdings: Fisher Funds Acquires Kiwi Wealth Business

Kiwi Group Holdings Limited (KGHL) today announced the sale of Kiwi Wealth to Fisher Funds for NZ$310 million... More>>