Dragonfly 2.0: new campaign of intrusion in the electric sector

A new campaign known as Dragonfly 2.0 is attacking with the aim of infiltrating energy sector infrastructures in Turkey, Switzerland and the United States. The security company Symantec has released this new version of Dragonfly as previously happened, reporting that this new wave has been operational since December 2015. In this campaign the attackers are using different vectors to gain access to companies in the energy sector as for example malicious emails with those that make attempts of phishing or in which to attach files that contain troyanos. In addition, they use previously installed "backdoors" to have direct access to affected systems, as well as other "toolkits" to manage them


Go top