Media Alert: Unit 42 Analysis: Kuwaiti Organization's Webpage Used in Security Exploit

Monday, February 3, 2020/ Editor -  

xHunt campaign: New watering hole identified for credential harvesting

 

February 03, 2020: Researchers from Unit 42, the threat intelligence arm of Palo Alto Networks, recently identified a Kuwaiti organization’s webpage used as an apparent watering hole. The discovery was made during analysis of xHunt campaign activities. The webpage contained a hidden image, observed between June and December 2019, that referenced domains associated with malicious activity conducted by the xHunt campaign operators.


Unit 42 believes that the same threat actors involved in the Hisoka attack campaign compromised this website and injected this HTML code into it in an attempt to harvest credentials from the website’s visitors, specifically account names and password hashes. While Unit 42 cannot confirm this, it is possible that the actors intended to crack these hashes to obtain the visitors’ passwords, or to use the gathered hashes to carry out relay attacks to gain access to additional systems.


If successful in harvesting account credentials, the compromised data has a plethora of uses for the attackers and can allow them to breach an organization to steal sensitive information. Furthermore, because they’d be using trusted credentials, it can allow attackers to go undetected for long periods of time, enabling them to infiltrate other parts of an organization and even implement backdoors, like RATs, to get back into a system even after being removed. This can result in significant damage to an organization over a prolonged period of time.


During this same timeframe, Unit 42 observed an indication of DNS redirect activity on infrastructure used by these same operators. The domains observed in the redirect activity primarily contained subdomains referencing an association with their organizational email servers, further implying an interest in user credential harvesting.

 

