World Video | Defence | Foreign Affairs | Natural Events | Trade | NZ in World News | NZ National News Video | NZ Regional News | Search

 

Tortoiseshell Group Targets IT Providers in Saudi Arabia

Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks

Previously undocumented group hits IT providers in the Middle East

A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers.

This activity indicates the attackers had achieved domain admin level access on these networks, meaning they had access to all machines on the network.

The group, which we are calling Tortoiseshell, has been active since at least July 2018. Symantec has identified a total of 11 organizations hit by the group, the majority of which are based in Saudi Arabia. In at least two organizations, evidence suggests that the attackers gained domain admin-level access.

Another notable element of this attack is that, on two of the compromised networks, several hundred computers were infected with malware. This is an unusually large number of computers to be compromised in a targeted attack. It is possible that the attackers were forced to infect many machines before finding those that were of most interest to them.

Symantec has seen Tortoiseshell activity as recently as July 2019.

On at least two victim networks, Tortoiseshell deployed its information gathering tools to the Netlogon folder on a domain controller. This results in the information gathering tools being executed automatically when a client computer logs into the domain. This activity indicates the attackers had achieved domain admin level access on these networks, meaning they had access to all machines on the network.

To read the full report please visit https://www.symantec.com/blogs/threat-intelligence/tortoiseshell-apt-supply-chain.

###


© Scoop Media

 
 
 
World Headlines

 


Binoy Kampmark: Europe Dries Up
Scenes and pictures have been circulating of broken earth, lacking moisture, cracked and yearning. But these are not from traditional drought-stricken parts of the planet, where the animal carcass assumes near totemic power... More>>



UN: Bachelet Alarmed By Number Of Palestinian Children Killed In Latest Escalation

UN Human Rights Chief Michelle Bachelet today expressed alarm at the high number of Palestinians, including children, killed and injured in the occupied Palestinian territory this year, including in intense hostilities between Israel and Palestinian armed groups in Gaza last weekend... More>>

Save The Children: One Year Under Taliban Rule, Girls Are More Isolated, Hungry, Sad: New Report
One year since the Taliban took control of Afghanistan, an economic crisis, crippling drought and new restrictions have shattered girls’ lives, excluding them from society and leaving them hungry...
More>>

Somalia: ‘We Cannot Wait For Famine To Be Declared; We Must Act Now’
Rising acute food insecurity in Somalia has caused more than 900,000 people to flee their homes in search of humanitarian assistance since January last year, the Food and Agriculture Organization (FAO) has warned... More>>

UN: American West Faces Water And Power Shortages Due To Climate Crisis
Two of the largest reservoirs in the United States are at dangerously low levels due to the climate crisis and overconsumption of water, which could affect water and electricity supply for millions in six western states and Mexico, the UN Environment Programme (UNEP) warned on Tuesday... More>>



Singapore: UN Experts Call For Immediate Moratorium On Executions For Drug Offences

UN experts* today condemned the execution of Nazeri Bin Lajim, a 64-year-old Malay Singaporean national convicted of drug offenses and urged the Government of Singapore to halt plans to execute individuals on death row for drug related charges... More>>