Infosec researchers today uncovered a previously unknown cybercrime group that has been on the hunt for three years and is behaving like some of the more dangerous cybercriminals under Kim Jong-Un's watch.
Cyber espionage – What you need to know? How does the attack work? Where is the attack coming from? ⭐️
Cisco Talos has been investigating the espionage-focused group they call LilacSquid after observing attacks on a variety of organizations in the US, Europe and Asia. The Talos team has seen at least three successful breaches of a software company (US), an organization in the oil and gas industry (Europe) and a pharmaceutical company (Asia).
Asked by El Reg for details on these attacks, Asheer Malhotra, threat researcher at Cisco Talos, said that all sorts of sensitive files were available to the attackers, which could remain undetected for a long time.
"LilacSquid seeks to steal data of interest to the actor – such data may be specific to the type of victim and may range from information relating to any intellectual property, project, financial, etc," he said.
