Interesting IT/InfoSec news on the Energy Sector
Malware targeting the energy sector goes by the name "Operation Sharpshooter"
Funny naming convention "The Rising Sun":
A fully functional backdoor, the Rising Sun implant has a modular design and is capable of performing reconnaissance operations on the infected machines.
North Korean false flag mentioned.
The researchers observed similarities with the Lazarus group, such as the creation of malicious documents in a Korean-language environment, the use of a variant of the dynamic API resolution technique employed by Lazarus, and similarities between the operation and Lazarus attacks from 2017. There are also a number of similarities between Rising Sun and Duuzer.
Information:
https://www.securityweek.com/operation-sharpshooter-hits-global-defense-critical-infrastructure-firms
PDF link:
https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-sharpshooter.pdf