Anti-Malware Research Whitepapers

APT Hackers for Hire Used for Industrial Espionage

Bitdefender recently investigated an APT-style cyberespionage attack targeting an international architectural and video production company, pointing to an advanced threat actor and South Korean-based C&C infrastructure.

The targeted company is known to have been collaborating in billion-dollar real estate projects in New York, London, Australia, and Oman. The sophistication of the attack reveals that the APT-style group had prior knowledge of the company’s security systems and the software applications it used, carefully planning their attack to infiltrate the company and exfiltrate data undetected.

During the investigation, Bitdefender researchers found that the threat actors had an entire toolset featuring powerful spying capabilities and made use of a previously unknown vulnerability in popular software widely used in 3D computer graphics (Autodesk 3ds Max) to compromise the target.

Industrial espionage is nothing new, and, since the real estate industry is highly competitive, with contracts valued at billions of dollars, the stakes are high for winning contracts for luxury projects. This could justify turning to mercenary APT groups for gaining a negotiation advantage.

Key Findings:

• Potential APT mercenary group used for industrial cyberespionage
• Industrial espionage for competitiveness in the real estate industry
• Malicious payload posing as a plugin for a popular 3D computer graphics software (Autodesk 3ds Max)
• Payload tested against the company’s security solution to avoid detection upon delivery
• C2 infrastructure based in South Korea

For more detailed information about the investigation, please feel free to check out the full paper below:

Download the whitepaper

About the author

Liviu ARSENE

Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in the geek universe.

About the author

Victor Vrabie

Victor VRABIE is a security researcher at Bitdefender and he's based in Iasi, Romania. Focusing on malware research, advanced persistent threats, and cybercrime investigations, he's also a graduate of Computer Sciences.

About the author

Bogdan Rusu

Bogdan Rusu is a Security Researcher whose daily activities revolve around analyzing Advanced Persistent Threats and actively being involved in cybercrime investigations. With a bachelor's degree in Computer Science, he is currently pursuing a Master's Degree as well. He enjoys writing code, finding out how things work by tearing them apart and peeking behind the curtain, and he loves tinkering by automating things.

About the author

Alexandru MAXIMCIUC

Team Lead, Cyber Threat Intelligence Lab

Alexandru "Sasha" Maximciuc is a veteran security researcher with more than a decade of experience. His research is mostly focused on exploits, advanced persistent threats, cybercrime investigations, and packing technologies.

About the author

Cristina VATAMANU

Senior Team Lead, Cyber Threat Intelligence Lab

Cristina Vatamanu is Senior Team Lead in the Cyber Threat Intelligence Lab at Bitdefender. She is based in Iasi, Romania, and has more than 10 years of forensic work under her belt, being involved in malware analysis, cybercrime investigations, and research projects for antimalware tool optimization. She graduated in Computer Sciences and has a PhD in machine learning used in hybrid models dedicated to detecting malicious programs.
