The Siesta Campaign: A New Targeted Attack Awakens
26 maggio 2014
![](https://documents.trendmicro.com/images/apt/Siesta.jpg)
Just like many campaigns that came before it, Siesta favored the use of spear-phishing emails to get inside a target network. Taking the bait one step further, bogus messages sent by this campaign are custom formatted to match the recipients’ organization names and addresses, so as to make them think that the message came from a legitimate source.
The Siesta campaign got its name from a notable routine it undergoes once it slips past a target network’s defenses and enters a system. Unlike other types of malware used by most targeted attacks, Siesta makes use of the malware TROJ_SLOTH to, as the name suggests, lie low for a bit before connecting to its command-and-control servers.
With a mindset of gaining more to earn more, the campaign’s creators used multicomponent malware to attack multiple industries at once. Because they're known to be sources of lucrative information, institutions that fall under these industries were targeted by the attackers: consumer goods and services, energy, finance, healthcare, media and telecommunications, public administration, security and defense, and transport and traffic. Given these, it won’t be surprising to see retail stores, banks, and government agencies reporting attacks from this targeted campaign yet again.
HIDE
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
Pubblicato in Cyber Attacks, Targeted Attacks
Ultime notizie
- Post-Quantum Cryptography: Migrating to Quantum Resistant Cryptography
- Rising From the Underground: Hacktivism in 2024
- Guarding AI Models From Malicious Alterations in the AI PC Era
- Navigating the Threat Landscape for Cloud-Based GPUs
- Kong API Gateway Misconfigurations: An API Gateway Security Case Study