Trend Micro Tracking Earth Aughisky’s Malware and Changes

Trend Micro’s security researchers and analysts have shared information pertaining to their research paper ‘The Rise of Earth Aughisky: Tracking the Campaigns Taidoor Started’ in which the platform monitoring advanced persistent threat (APT) groups’ attacks and tools, Earth Aughisky (also known as Taidoor).

Researchers observed that the threat actors named this malware family Roudan while looking at both the backdoor and backdoor builder. The name Taidoor is interchangeably used to refer to the group and the malware.

This group is found to be more active among others as it has been rampantly attacking organizations. Besides, the group continues to update its tools and malware deployments which makes it a more lethal threat. The recent targets of this group have been observed in Taiwan and Japan, researchers said.

In the research paper, the monitoring units explained and listed all the malware attributed to the group, the latest updates in illicit activities potentially related to real-world changes, and the relation of these malware families and tools with other APT groups.

Furthermore, people can also read recommendations and potential threats from this APT group.
This classic Earth Aughisky malware was first reported 10 years ago, however, the group has always been known for its different formats employed for callback traffic as it contains an encoded MAC address and data.

The blog post concluded – “The Over the years, the consistent monitoring of APT group Earth Aughisky enabled cybersecurity researchers to gain insights into the inner workings of other similar cyberespionage groups…”

“…The amount of data gathered using various analysis techniques show an overview of motivations, the maturity of their technical skills, and even the plausible real-world connections of incidents. Groups like Earth Aughisky have sufficient resources at their disposal that allow them the flexibility to match their arsenal for long-term implementations of cyber espionage, and organizations should consider this observed downtime from this group’s attacks as a period for preparation and vigilance for when it becomes active again”.

Read the full article here

Hosted by
News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.

Sign Up for Our Morning Boot Cybersecurity Newsletter

Sponsored Ad

Cybervizer Recommended Book