fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Hackers For Hire Attack Architecture Firm Via 3ds Max Exploit

Hackers For Hire Attack Architecture Firm Via 3ds Max Exploit

An advanced hackers-for-hire group has compromised computers of an architecture firm involved in luxury real-estate projects worth billions of US dollars.

The group carries out espionage operations, the attack vector being a malicious plugin for the Autodesk 3ds Max software for creating professional 3D computer graphics.

Select targets

According to an investigation from Bitdefender, the unnamed victim is an important company working with luxury real-estate developers in the U.S., the U.K., Australia, and Oman that contract services of top architects and interior designers.

For this operation, the threat actor relied on command and control (C2) infrastructure in South Korea, which recorded traffic from malware samples in multiple countries (U.S., South Korea, Japan, South Africa), suggesting select victims in these regions as well.

Evidence discovered by security researchers points to a group that provides sophisticated hacking services to various customers looking for inside financial details and negotiations about high-value contracts.

“The sophistication of the attack reveals an APT-style group that had prior knowledge of the company’s security systems and used software applications, carefully planning their attack to infiltrate the company and exfiltrate data undetected” – Bitdefender

Also read: 5 Simple Instructions on How to Access Request Form PDF

Careful operation

In this case, the attack vector was a vulnerability affecting several Autodesk 3ds Max versions that allows code execution on a windows system.

Earlier this month, Autodesk warned that an exploit for the MAXScript scripting utility exists in the form of a malicious plugin called “PhysXPluginMfx.” When loaded in 3ds Max, the plugin can infect other MAX files, thus spreading to other users on the network.

Unlike cybercriminal groups that seek immediate financial gains, this threat actor uses malware that collects details about the compromised host (computer name, username) and steals sensitive information.

Apart from using tools that take screenshots and extract passwords and history data from Google Chrome, the actor also has malware that steals files with specific extensions.

Bitdefender researchers assess that the attacker compiles this file-stealing component for each victim to include the list of files they want to pilfer.

Keeping a small footprint

To remain under the radar on a compromised machine, the actor turned to an interesting trick that made the malicious binary sit dormant if Task Manager or Performance Monitor were running.

Depending on how much window area was visible for these two applications, a flag was set to instruct the malware to sleep, thus reducing CPU usage and placing it lower in the list of power-hungry processes.

On the same note, file compression was employed only to some files. Data that would attract unnecessary attention if archived, would be skipped from this operation

Bitdefender’s report today says that telemetry data shows that similar malware samples contacted the same C2 in South Korea less than a month ago.

While this may help connect the dots with other operations, it is by no means the beginning of the group’s activity timeline.

Also read: What is Pseudonymisation: 5 Techniques and Its Best Practices

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us