 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
APT group: Karkadann| Names | Karkadann (Kaspersky) | |
| Country | [Unknown] | |
| Motivation | Information theft and espionage | |
| First seen | 2020 | |
| Description | (Kaspersky) Karkadann is a threat actor that has been targeting government bodies and news outlets in the Middle East since at least October 2020. The threat actor leverages tailor-made malicious documents with embedded macros that trigger an infection chain, opening a URL in Internet Explorer. The minimal functionality present in the macros and the browser specification suggest that the threat actor might be exploiting a privilege-escalation vulnerability in Internet Explorer. Despite the small amount of evidence available for analysis in the Karkadann case, we were able to find several similarities to the Piwiks case, a watering-hole attack we discovered that targeted multiple prominent websites in the Middle East. | |
| Observed | Sectors: Government, Media. Countries: Middle East. | |
| Tools used | ||
| Information | <https://securelist.com/apt-trends-report-q1-2021/101967/> | |
Last change to this card: 16 May 2021
Download this actor card in PDF or JSON format
Previous: ITG18
Next: Ke3chang, Vixen Panda, APT 15, GREF, Playful Dragon
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |