An advanced persistent threat (APT) group is known for launching sophisticated attacks that steal sensitive and financial information while staying undetected inside the victim's infrastructure.
These groups primarily target enterprises regardless of industry; their targets include government, defense, financial services, legal services, industrial, telecoms, consumer goods, and many more.
An APT group is made up of experienced cybercriminals who can bypass security controls and cause as much damage and disruption as possible. These groups select a specific target, spend time studying it, and then exploit it to gain access.
Most APT groups use custom malware to fly under the radar. An APT attack is typically divided into phases: planning the attack, mapping company data, avoiding detection, and compromising the network.
In recent years there have been many breach incidents in which organized, sophisticated targeted attacks were planned and executed. Palo Alto Networks recently captured and investigated new samples of the Linux coin mining malware used by the Rocke group. The family is suspected to have been developed by the Iron cybercrime group, and it is also associated with the Xbash malware we reported on in September of 2018. The threat actor Rocke was originally revealed by Talos in August of 2018, and many notable behaviors were disclosed in their blog post. The samples described in this report were collected in October of 2018, and since that time the command and control servers they use have been shut down.