Malware was found to be the reason of cyber-attack last year on white house. The malware qualities and behavior in systems found similar to Russian cyber espionage. Thus everyone is suspecting Russia after this cyber-attack. Researchers told that a group of intruders are after this attack.
Kaspersky which is well known in field of security have named this group of intruders as cozy duke. Cozy duke is targeting the high profile accounts which are very confidential. They are an active group past last year. In their entire tool kit they have number of things that they use for cyber-attack like malware droppers, information-stealing programs and backdoors. Such programs and threads can evade antivirus and cryptography.
There are many cyber espionage tool as per technical evidence as told by Kaspersky, Cozy duke is very similar to all those tools in terms of structure and functionality.
These new threats got limelight when they were used to attack NATO members and European governments two years back.
Though Kaspersky has not commented over Cozy Duke origin, but other companies are suspecting it’s origin to be Russia as they find it similar to three previous threats from Russia.
In January, F secure noticed that Cosmic duke or Onion Duke is not from Russia. The might be the spyware tools that are used by Russian government to enforce law investigations through illegal links.
The case becomes more difficult as the targets of law enforcement use case appear to belong to Russia but none of high profile victims are of Russian Authority.
These cyber-attacks possess great threat to cyber security as many governments are being targeted by small activist group who work against their laws enforcement.
Many organizations are coming up to fight against such cyber hacks and attacks. These attacks are perceived serious and lots of actions are taken to mitigate such acts in future.
