Romanian institutions in eight countries were targeted by an advanced persistent threat (APT) for two years, Bitdefender experts revealed. The attacks, which were designed to collect information, were detected and blocked by Bitdefender.
According to a press release by the Romanian internet security software company, the threat, dubbed ‘Pacifier’ by experts, was detected in computers of Romanian institutions in Iran, India, the Philippines, Russia, Lithuania, Thailand, Hungary and Vietnam. The attack, carried out between 2014 – May 2016, was improved continuously, with attackers adding new methods to avoid security solutions, as well as functions connected to data extraction from the systems targeted, the release states.
According to company representatives, the attackers used infected documents, such as resumes, classified ads and invites to diplomatic events, sent from e-mail addresses that appeared to be legitimate, belonging to real institutions and individuals, in order to gain access to IT systems. The infected files with .doc and .zip extensions were market “urgent,” “important.”
Due to the high number of versions of the attack, the relatively small number of targets, as well as the nature of the systems affected, the security experts assessed that the attack was a type of advanced persistent threat.
Bitdefender is an internet security software company with a global outreach roviding security solutions to clients in over 100 countries.
Georgeta Gheorghe