The threat research team at Cybereason uncovered an interesting piece of malware. Studied it and tracked it. Which lead them to believe they were dealing with a threat actor known as Molerats.
Sponsors
This episode is sponsored by Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in your hands. Their future-ready attack platform gives defenders the wisdom to uncover, understand, and piece together multiple threats. And the precision focus to end cyberattacks instantly – on computers, mobile devices, servers, and the cloud. They do all this through a variety of tools they’ve developed such as antivirus software, endpoint monitoring, and mobile threat detection tools. They can give you the power to do it yourself, or they can do all the monitoring and respond to threats in your environment for you. Or you can call them after an incident to get help cleaning up. If you want to monitor your network for threats, check out what Cybereason can do for you. Cybereason. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.
Sources
- https://www.cybereason.com/hubfs/dam/collateral/reports/Molerats-in-the-Cloud-New-Malware-Arsenal-Abuses-Cloud-Platforms-in-Middle-East-Espionage-Campaign.pdf
- https://malpedia.caad.fkie.fraunhofer.de/actor/molerats
- https://www.fireeye.com/blog/threat-research/2013/08/operation-molerats-middle-east-cyber-attacks-using-poison-ivy.html
Attribution
Darknet Diaries is created by Jack Rhysider.
Episode artwork by odibagas.
Audio cleanup by Proximity Sound.
Sound design by Andrew Meriwether.
Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
Equipment
Recording equipment used this episode was the Shure SM7B, Zoom Podtrak P4, Sony MDR7506 headphones, and Hindenburg audio editor.
Transcript
[START OF RECORDING]
JACK: Hey there, did I surprise you? I release episodes of this show every other week. That’s two episodes a month, right? So, why do we have an episode here, in the off-week? Well, there’s this company called Cybereason who are big fans of this show and they wanted to bring you an extra episode. So, a deal was made which means this entire episode is brought to you by Cybereason. I’ve never done anything like this before and so I want to be clear; this episode is only here because Cybereason sponsored it. But I’m excited because it’s a fantastic story that links back to one of my most popular episodes. You’re gonna hear from their CEO who has quite the back story and later in the episode, we’re gonna hear a story from their threat research team who investigates and uncovers malicious activity, and they’ll tell us about a time when they found a threat actor lurking in someone’s e-mails. They spent months tracking that threat actor which they called Molerats in the Cloud.