Stealthy Cyberespionage Campaign Attacks With Social Engineering
WHITE AlienVault 2015-06-24 Modified: 2017-07-25
The McAfee Labs research team has tracked an advanced persistent threat for the past couple of months. This group has evolved a lot in sophistication and evasion techniques to defeat detection by security products. This group has been active since at least 2014 and uses spear-phishing campaigns to target enterprises. We have observed this group targeting defense, aerospace, and legal sector companies.
Indicators of Compromise (7)