 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
APT group: WildPressure| Names | WilePressure (Kaspersky) | |
| Country | [Unknown] | |
| Motivation | Information theft and espionage | |
| First seen | 2019 | |
| Description | (Kaspersky) In August 2019, Kaspersky discovered a malicious campaign distributing a fully fledged C++ Trojan that we call Milum. All the victims we registered were organizations from the Middle East. At least some of them are related to industrial sector. Our Kaspersky Threat Attribution Engine (KTAE) doesn’t show any code similarities with known campaigns. Nor have we seen any target intersections. In fact, we found just three almost unique samples, all in one country. So we consider the attacks to be targeted and have currently named this operation WildPressure. | |
| Observed | Sectors: Industrial, Oil and gas. Countries: Middle East. | |
| Tools used | Milum. | |
| Operations performed | Spring 2021 | WildPressure targets the macOS platform <https://securelist.com/wildpressure-targets-macos/103072/> |
| Information | <https://securelist.com/wildpressure-targets-industrial-in-the-middle-east/96360/> | |
Last change to this card: 09 August 2021
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |