-
Notifications
You must be signed in to change notification settings - Fork 880
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Operation HARKONNEN - German Speaking #13
Comments
really? have you read this report? |
It’s like a sale pitch. Couldn’t find any other reports getting deeper in a quick google search |
Google for Win7.Generic (: |
I skipped the sales guff, saw the description of a long targeted campaign that I saw had been previously tagged as crimeware and thought - ah that tends to be interesting. |
And I don't know how $150k comes from a few domains and ssl certs :) |
This has been in various .il news past week. The only metadata/IOCs I found are here, like chris pointed |
I saw that one. I was hoping to find some deeper analysing document. So far nothing found |
Lots of samples available in german installers for freeware packed with typical adware https://malwr.com/analysis/ZGY4MGNjZDQ1NjZjNGQ4MTk2ZGZhYTg4Zjk4ODBjYTA/ |
I did found those. I was interested in the background of the operation (Harkonnen). |
Dynamoo has some analysis on the same malware. This shows that it is adware, and not apt. |
Might be worth adding-
http://cybertinel.com/wp-content/uploads/2014/09/HARKONNEN-OPERATION-CYBER-ESPIONAGE.pdf
The text was updated successfully, but these errors were encountered: