Tag Archives: lurk

Attribution of 2015-6 Phishing to APT28

In two influential articles in June 2016, immediately following the CrowdStrike announcement, SecureWorks (June 16 here and June 26 here) purported to connect the DNC hack to a 2015-6 phishing campaign which they attributed to APT28. SecureWorks identified two malicious domains in their article. In today’s article, I’ll show that infrastructure from one domain is connected […]

Arrest of the “Lurk” Banking Trojan Gang

On June 2, 2016, in a major police operation in Russia, 50 hackers from the Lurk banking trojan gang were arrested following 86 raids (SecurityWeek here). Their malware was used for bank fraud (especially in Russia) and ransomware all over the world. The full extent of their activities became clear only after their arrest. In […]