Kaspersky analyzes Active Cyberespionage Campaign Targeting Online Gaming
VARINDIA- INDIA'S FRONTLINE IT MAGAZINE
Kaspersky Lab's team of experts has published a detailed research report that analyzes a sustained cyberespionage campaign conducted by the cybercriminal organization known as "Winnti".
According to Kaspersky Lab's report, the Winnti group has been attacking companies in the online gaming industry since 2009 and is currently still active. The group’s objectives are stealing digital certificates signed by legitimate software vendors in addition to intellectual property theft, including the source code of online game projects.
The first incident that drew attention to the Winnti group’s malicious activities occurred in the autumn of 2011, when a malicious Trojan was detected on a large number of end-user computers across the globe. The clear link between all of the infected computers is that they were used to play a popular online game.
In response, the computer game publisher that owned the servers which spread the Trojan to its users asked Kaspersky Lab to analyze the malicious program. The Trojan turned out to be a DLL library compiled for a 64-bit Windows environment and used a properly signed malicious drive. It was a fully functionally Remote Administration Tool (RAT), which gives attackers the ability to control a victim’s computer without the user’s knowledge. The finding was significant as this Trojan was the first malicious program on a 64-bit version of Microsoft Windows 7 that had a valid digital signature.......See More