It looks like Russian hackers used Twitter to hide their cyber-attacks. Experts claimed that the hackers used Twitter and an attack method named Hammertoss to gain access to computers and steal information.
The warning about the Russian hackers comes from FireEye, which stated that the infamous hacking group called APT29 is a real threat and is highly adaptable to any environment. The company said that it has been analyzing the group and its methods for quite some time. It said that Hammertoss is quite a sophisticated method, as it makes use of cloud services, GitHub, Twitter hashtags and Twitter itself as part of the attacks.
FireEye said that the APT (Advanced Persistent Threat) group has frequently changed the version of the backdoors it uses, constantly fixing bugs and adding new features to the tools. The security company claims that the hacker group can also monitor the victim’s administration work, which means that it is capable of cleaning any traces of its attacks and the efforts of their removal.
Hammertoss features a multi-stage attack technique and is based on a library of very well-known malware attacks, said FireEye. It all begins with a scan of a number of Twitter hashtags and handles, and it involves sending numerous photographs that have hidden malware.
The technique, in combination with very vigilant hackers and timed, automatic scans, creates a compromised network which the hackers can access as they please.
Laura Galante, director of threat intelligence at FireEye, said that the new approach the Russian hacker group APT29 takes to carrying out its attacks and keeping its presence in networks represents a degree of difficulty that security professionals could watch trickle down into their own network security operations. Galante went on to say that as FireEye continues to track the APT29 group, it will be able to bring a lot more intelligence to light, which will help its customers update their defenses against these kinds of advanced attacks.
In April, FireEye warned about a similar-sounding and equally capable group called APT28. That threat, coming from Russia, exploited flaws in solid products, such as Adobe Flash and even Windows, in order to get information from governments. FireEye also released a warning about a group of hackers from China called APT30.