Check Point Press Releases

Check Point Researchers Unveil Identity of Iranian-Linked Cyber Espionage Attackers and Sweeping Details on the Campaign’s Global Operations, Targets


San Carlos, CA  —  Mon, 09 Nov 2015

Check Point Software Technologies Ltd. (NASDAQ: CHKP), the largest pure-play security vendor globally, today published a 38-page report identifying specific details and broad analysis on cyber-espionage activity conducted by the group ‘Rocket Kitten,’ with possible ties to Iranian Revolutionary Guard Corps. The new report also reveals details of the group’s global operations and unique insight into more than 1,600 of their targets.

Led by researchers in Check Point’s Threat Intelligence and Research Area, the never-before-published data paints a picture of strategic malware attacks supported by persistent spear phishing campaigns. The details show Rocket Kitten actively targeted individuals and organizations in the Middle East, as well as across Europe and in the United States, documenting specifics such as:

  • Business and government sectors across Saudi Arabia, including news agencies and journalists; academic institutions and scholars; human rights activists; military generals; and members of the Saudi royal family.
  • Embassies, diplomats, military attachés and ‘persons of interest’ across Afghanistan, Turkey, Qatar, United Arab Emirates, Iraq, Kuwait and Yemen, as well as NATO commands in the region.
  • Dozens of Iran researchers, as well as European Union Iran research groups, specifically in the fields of foreign policy, national security and nuclear energy.
  • Venezuelan trade and finance targets.
  • Former Iranian citizens of various influential positions.
  • Islamic and anti-Islamic preachers and groups; famous columnists and cartoonists; TV show hosts; political parties; and government officials.

Researchers were also able to trace and unmask the true identity of an aliased attacker, identified as “Wool3n.H4T,” as one of the prominent figures behind this campaign. Further, based on the nature of the attacks and associated repercussions, the report suggests Rocket Kitten’s motives were aligned with nation-state intelligence interests, aimed at extracting sensitive information from their targets.

“This research provides a rare look at the nature and global targets of a global cyber espionage group,” said Shahar Tal, Research Group Manager, Check Point. “While Check Point customers are protected against all known variants of these threats by Rocket Kitten, it is our hope fellow security vendors and malware research professionals take the proper precautions and deploy relevant protections.”

For more information, the full report ‘Rocket Kitten: A Campaign with 9 Lives’ can be found here: https://blog.checkpoint.com/2015/11/09/rocket-kitten-a-campaign-with-9-lives.

Check Point’s Threat Intelligence & Research divisions regularly investigate attacks, vulnerabilities and breaches, and develop protections to secure Check Point’s customers. For more information on other research findings from Check Point, visit: /threatcloud-central/.

Follow Check Point via:

Check Point Blog: https://blog.checkpoint.com/
Twitter: https://www.twitter.com/checkpointsw
Facebook: http://www.facebook.com/checkpointsoftware
YouTube: https://www.youtube.com/user/CPGlobal
LinkedIn: https://www.linkedin.com/company/check-point-software-technologies

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. (www.checkpoint.com), is the largest pure-play security vendor globally, provides industry-leading solutions, and protects customers from cyberattacks with an unmatched catch rate of malware and other types of attacks. Check Point offers a complete security architecture defending enterprises’ networks to mobile devices, in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes. At Check Point, we secure the future.

 

×
  反映意見
本網站使用cookies來實現其功能以及分析和行銷目的。 繼續使用本網站即表示您同意使用cookies 。 欲了解更多信息,請閱讀我們的cookies聲明