Another threat actor group is making its way onto the cyber threat landscape, targeting organizations worldwide to deprive them of millions of dollars. Dubbed ‘Elephant Beetle’, the group uses more than 80 unique tools and scripts in its attacks.
Elephant Beetle Attack Methods
Researchers from Sygnia published a thorough report about the so-called ‘Elephant Beetle’. It seems that the malicious group waits for months, analyzing the victim’s environment and financial transaction processes, before actually moving to exploit vulnerabilities.
Their method is based on injecting fraudulent transactions into the network and eventually stealing large sums of money, amounting to millions of dollars. When caught, they maintain a low profile for some time, then use a different system to make a comeback.
Apparently, Elephant Beetle targets legacy Java applications on Linux systems, which serve as their entry point into a company’s network.
This threat actor group’s method is not based on buying or developing zero-day exploits; rather, they choose to target common vulnerabilities that are probably unpatched.
What Flaws Is Elephant Beetle Exploiting?
The Sygnia experts mentioned in their report that the Elephant Beetle group is targeting 4 vulnerabilities, including:
CVE-2017-1000486 found under the