FireEye Releases Report Revealing A Possible Malware “Cyber Arms Dealer”
New Report, “Supply Chain Analysis: From Quartermaster to Sunshop,” Explains How Malware Attackers May Employ a Common Development and Logistics Center
FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the release of a new report, Supply Chain Analysis: From Quartermaster to Sunshop. The report details how many seemingly unrelated cyber attacks may, in fact, be part of a broader offensive fueled by a shared development and logistics infrastructure — a finding that suggests some targets are facing a more organized menace than they realize.
“Our research points to centralized planning and development by one or more advanced persistent threat (APT) actors” said Darien Kindlund, manager of threat intelligence at FireEye. “Malware clearly remains a desired cyber weapon of choice. Streamlining development makes financial sense for attackers, so the findings may imply a bigger trend towards industrialization that achieves an economy of scale.”
The report examines 11 APT campaigns targeting a wide swath of industries. Though they appeared unrelated at first, further investigation uncovered several key links between them: the same malware tools, the same elements of code, binaries with the same timestamps, and signed binaries with the same digital certificates.
This report focuses on two key findings:
“Like traditional conflict, cyber warfare will continually evolve and change through innovation,” said FireEye CEO David DeWalt. “Not surprisingly, attackers are adopting an industrialized approach. The best hope for those playing defense is a community-based approach that not only monitors advances in cyber attacks, but also propagates information to help mitigate the new threats.”
About FireEye, Inc.
FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,300 customers across more than 40 countries, including over 100 of the Fortune 500.
# # #
© 2013 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.