Recently, the Chinese cybersecurity vendor Qihoo 360 released a report that revealed a large-scale hacking operation against Kazakhstan. Qihoo 360 said that the hacking group, called Golden Falcon (or APT-C-34), is a newly formed organization, but according to a Kaspersky investigation, Golden Falcon is actually an alias of the hacking organization DustSquad, which has been active since 2017.
The operation reportedly targeted individuals and organizations from all walks of life, including government agencies, military personnel, foreign diplomats, researchers, journalists, private companies, education departments, religious figures, and government dissidents. The attackers mainly steal office files from the computers they compromise. Researchers said they found data from victims in 13 of Kazakhstan’s largest cities.
There are signs that some of these attacks rely on sending elaborate emails with malicious attachments to targets, while others rely on physical access to the device, suggesting that ground staff deployed in Kazakhstan also take part in the operation.
Qihoo 360 said the campaign was extensive and the attackers seemed to have considerable resources and the ability to develop their own private hacking tools, buy expensive spyware from the surveillance market, and even invest in broadcasting and communications interception hardware from the defense contractor Yurion in Moscow. Various signs of the transaction indicate that the hacker group may have government backing.