A startling new report has revealed how Advanced Persistent Threat (APT) groups operating on behalf of the Chinese government used adware to target Windows and Android devices.
Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android, released by BlackBerry, reveals how these Chinese hackers have managed to successfully target specific systems without detection since 2012.
The attacks particularly focussed on Linux servers, which run nearly all of the top 1 million websites online, 75 per cent of all web servers and 98 per cent of the world’s supercomputers.
The hackers used a number of different techniques to evade the many security systems that are in place, including adware, which is the software that generates online advertisements in a user interface.
By signing malware (malicious software that aims to damage or violate devices) with code-signing certificates belonging to adware developers, these APT groups were able to increase infection rates, as any red flags were simply dismissed as another blip in the constant stream of adware.
According to BlackBerry, this adware technology – which is used so widely in the online advertising ecosystem – offers a way for malicious actors to “hide in plain sight”.
“At first glance, using code-signing certificates belonging to adware developers seems completely counterproductive,” BlackBerry says in the report.
“Malware that may previously have gone undetected would now almost surely be immediately noticed. At least a handful of antivirus vendors would flag it, if only on the basis of the adware code-signing certificate.
“Why would an attacker, particularly one aligned with the interests of a nation state, want to do that?”
However, it seems that by giving malware the disguise of adware, these hackers managed to reduce their risk of detection.
“In our judgement, these threat actors would rather be found and then ignored than found and investigated, particularly on the Windows platform where so much of the antivirus attention is focused,” BlackBerry explains.
“Malware masquerading as adware stands a good chance of being overlooked or disregarded if it is detected, especially in busy corporate enterprise environments because they manage a “stack” of multiple security technologies, each with its own set of alerts.”
Network and host defenders are inundated each day with warnings of a potential breach.
BlackBerry suggests that these findings show the need for security operators to reassess how they determine “run-of-the-mill” nuisances versus malware that is potentially masquerading as adware.