Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone
Pacifier APT – learn more about this Advanced Persistent Threat

The latest attack wave of the Pacifier APT uses spear-phishing mails and highly obfuscated code to infiltrate targets of interest.

The spear-phishing mails have been seen holding fake documents on oil conferences, international politics, and budget calculations.

The Pacifier APT has been seen in the following countries:

  • Iran
  • India
  • The Philippines
  • Russia
  • Lithuania
  • Thailand
  • Vietnam
  • Hungary

The report that has been published by BitDefender shares the following indicators of interest:

  • reckless.dk/wp-includes/class-pomo.php
  • reckless.dk/wp-includes/class.wp-db.php
  • fishstalk.esy.es/wp-content/plugins/bbpress/includes/common/menu.php
  • fishstalk.esy.es/wp-includes/SimplePie/Net/IPv4.php
  • 77-ufo.com/wp-includes/class-menu.php
  • 77-ufo.com/pma/db_table.php
  • scientific.otzo.com/rss.php
All the sites above seem to be compromised web servers

You can read the full report by BitDefender here

http://download.bitdefender.com/resources/media/materials/white-papers/en/Bitdefender-Whitepaper-PAC-A4-en_EN1.pdf

Source

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone
  • Learn more about eGRC Strategy, Products and Services click here
  • Learn more about Threat & Vulnerability Management Platforms click here
  • Learn more about Advanced End Point Protection click here
  • Learn more about NextGen Identity & Access Management Solutions click here