Dragonfly 2.0: new campaign of intrusion in the electric sector

06/09/2017

A new campaign known as Dragonfly 2.0 is attacking with the aim of infiltrating energy sector infrastructures in Turkey, Switzerland and the United States. The security company Symantec has released this new version of Dragonfly as previously happened, reporting that this new wave has been operational since December 2015. In this campaign the attackers are using different vectors to gain access to companies in the energy sector as for example malicious emails with those that make attempts of phishing or in which to attach files that contain troyanos. In addition, they use previously installed "backdoors" to have direct access to affected systems, as well as other "toolkits" to manage them

References

06/09/2017

symantec.com

Dragonfly: Western energy sector targeted by sophisticated attack group
06/09/2017

arstechnica.com

Hackers lie in wait after penetrating US and Europe power grid networks
07/09/2017

thehackernews.com

Dragonfly 2.0: Hacking Group Infiltrated European and US Power Facilities
30/06/2014

certsi.es

APT "dragonfly" en Sistemas de Control Industrial

Etiquetas