Targeted attacks using Trojan.Taidoor
TROJAN.TAIDOOR Targeted attacksaeint US-Taiwaninterests A WX P Attacks focused on targeting influencers of US/Taiwanese policy PDF DOC XLS PPT 47% 31% 12% 5% attachment types 7 3% SCR, 0.8% DLL, 0.6% EXE emails to Mr X Mr X, who is an expert on naval warfare, was targeted sixty six times in 2011. 3 years Targeted email Attacks containing Taidoor have been Peak number of emails ongoing since 2008 intercepted coincided with the US-Taiwan Defense Industry Conference in Sept 2011 vulnerabilities Wide range of vulnerabilities exploited • CVE-2009-4324 • CVE-2006-0022 • CVE-2006-6456 •CVE-2011-0611 • CVE-2007-5659 • CVE-2009-1129 • CVE-2009-3129 • CVE-2011-1991 • CVE-2011-2100 14 versions of Trojan.Taidoor since 11th Mar 2008 Live attack sessions Interactive sessions with attackers visiting infected computers observed by Symantec Top 0 command & control servers by country United States Taiwan Korea, Republic of,Korea, Republic of Hong Kong Thailand Most C&C servers India located in... Japan Singapore Taiwan Mexico Uses hacked Saudi Arabia USA servers for C&C hours is the typical daily operational window when interactive sessions are conducted. Scan QR code to download These are during the hours of 9AM to 4PM (East Asian time zone) report O Symantec Corparation 2012 Symantec.cloud. Symantec Endpoint Protection www.symantec.com/business/ V Norton Norton Antivirus us.norton.com symanteccloud.com Sources: http://bit.ly/ymfAcw http://www.symantec.com/securityresponse/ http://tms.sym antec.com y twitter FOLLOW US V Symantec. Security Response @threatintel TROJAN.TAIDOOR Targeted attacksaeint US-Taiwaninterests A WX P Attacks focused on targeting influencers of US/Taiwanese policy PDF DOC XLS PPT 47% 31% 12% 5% attachment types 7 3% SCR, 0.8% DLL, 0.6% EXE emails to Mr X Mr X, who is an expert on naval warfare, was targeted sixty six times in 2011. 3 years Targeted email Attacks containing Taidoor have been Peak number of emails ongoing since 2008 intercepted coincided with the US-Taiwan Defense Industry Conference in Sept 2011 vulnerabilities Wide range of vulnerabilities exploited • CVE-2009-4324 • CVE-2006-0022 • CVE-2006-6456 •CVE-2011-0611 • CVE-2007-5659 • CVE-2009-1129 • CVE-2009-3129 • CVE-2011-1991 • CVE-2011-2100 14 versions of Trojan.Taidoor since 11th Mar 2008 Live attack sessions Interactive sessions with attackers visiting infected computers observed by Symantec Top 0 command & control servers by country United States Taiwan Korea, Republic of,Korea, Republic of Hong Kong Thailand Most C&C servers India located in... Japan Singapore Taiwan Mexico Uses hacked Saudi Arabia USA servers for C&C hours is the typical daily operational window when interactive sessions are conducted. Scan QR code to download These are during the hours of 9AM to 4PM (East Asian time zone) report O Symantec Corparation 2012 Symantec.cloud. Symantec Endpoint Protection www.symantec.com/business/ V Norton Norton Antivirus us.norton.com symanteccloud.com Sources: http://bit.ly/ymfAcw http://www.symantec.com/securityresponse/ http://tms.sym antec.com y twitter FOLLOW US V Symantec. Security Response @threatintel TROJAN.TAIDOOR Targeted attacksaeint US-Taiwaninterests A WX P Attacks focused on targeting influencers of US/Taiwanese policy PDF DOC XLS PPT 47% 31% 12% 5% attachment types 7 3% SCR, 0.8% DLL, 0.6% EXE emails to Mr X Mr X, who is an expert on naval warfare, was targeted sixty six times in 2011. 3 years Targeted email Attacks containing Taidoor have been Peak number of emails ongoing since 2008 intercepted coincided with the US-Taiwan Defense Industry Conference in Sept 2011 vulnerabilities Wide range of vulnerabilities exploited • CVE-2009-4324 • CVE-2006-0022 • CVE-2006-6456 •CVE-2011-0611 • CVE-2007-5659 • CVE-2009-1129 • CVE-2009-3129 • CVE-2011-1991 • CVE-2011-2100 14 versions of Trojan.Taidoor since 11th Mar 2008 Live attack sessions Interactive sessions with attackers visiting infected computers observed by Symantec Top 0 command & control servers by country United States Taiwan Korea, Republic of,Korea, Republic of Hong Kong Thailand Most C&C servers India located in... Japan Singapore Taiwan Mexico Uses hacked Saudi Arabia USA servers for C&C hours is the typical daily operational window when interactive sessions are conducted. Scan QR code to download These are during the hours of 9AM to 4PM (East Asian time zone) report O Symantec Corparation 2012 Symantec.cloud. Symantec Endpoint Protection www.symantec.com/business/ V Norton Norton Antivirus us.norton.com symanteccloud.com Sources: http://bit.ly/ymfAcw http://www.symantec.com/securityresponse/ http://tms.sym antec.com y twitter FOLLOW US V Symantec. Security Response @threatintel
Targeted attacks using Trojan.Taidoor
Designer
Hon LauSource
http://www.s...hink-tanksCategory
TechnologyGet a Quote