hinoshiba / news

1 stars 0 forks source link

[DataBreaches] HC3: Analyst Note: LokiBot Malware #4347

Closed hinoshiba closed 1 year ago

hinoshiba commented 1 year ago

Report: 202309291200 Executive Summary Active since 2015 and among the most prevalent and persistent strains of malware families since 2018, LokiBot has matured over time to target multi-sector industries. Despite its apolitical targeting of critical infrastructure, the malware’s adverse effect on the Healthcare and Public Health (HPH) sector shows its reach. In March 2020, a multi-threat actor spearphishing campaign to spread LokiBot malware with a false World Health Organization trademark image solidified its threat to the HPH sector. In addition to other malware analyses, HC3 reported on this specific cyberattack in a 2020 HC3 Sector Note on LokiBot. The malware has been widely used for years, and because of behavior changes, it takes a lot of effort to monitor. However, there are some best practices for protecting against LokiBot and managing its impact. What follows is an update to the previous HC3 analysis of LokiBot, a timeline of multi-sector targeted applications, detection strategies, sample MITRE ATT&CK techniques, indicators of compromise, and recommended defenses and mitigations against the malware. Read the full report at HHS.gov

https://www.databreaches.net/hc3-analyst-note-lokibot-malware/

hinoshiba commented 1 year ago

This issue is stale because it has been open 1 day with no activity. Remove stale label or comment or this will be closed in 1 day.

hinoshiba commented 1 year ago

This issue was closed because it has been stale with no activity.