In December, following the disclosure of the SolarWinds breach, Prodaft received an analysis request from a client and created a fingerprint based on public Indicators of Compromise (IoCs) released by FireEye.

After running IPv4 scans, the team found new detections within 12 hours and then began combing the web for command-and-control servers (C2s) used in the operation while refining fingerprint records.

SilverFish has been connected to the recent SolarWinds breach as "one of many" threat groups taking advantage of the situation, in which malicious SolarWinds Orion updates were pushed to customers, leading to the compromise of thousands of corporate networks. Attacks are geared toward US and European entities, and there is a specific focus on critical infrastructure and targets with a market value of over $100 million.