Cylance researchers discover powerful new nation-state APT
When a Belgian locksmith attacked the Pakistani Air Force, researchers at Cylance sat up and took notice. The locksmith probably never knew his website had been taken over by a nation-state hacking group as a command-and-control server, nor that exploit-laden Microsoft Word documents crafted to spear-phish Pakistani Air Force officers were hosted there for more than six months.
The Belgian locksmith was just a pawn in a global game of cyberespionage fought by a new nation-state hacking group, and while the target in this operation was Pakistan — both nuclear-armed and a haven for terrorists in the region — the incredibly sophisticated layers of misdirection used by the malware to mislead and delay forensic analysis worry security researchers, who say these attack tools could be deployed against anyone else in the world at any time.