Contact Contact Us

Operation Sharpshooter Targets Global Nuclear, Defence, Energy, Financial Entities
GOVERNMENT SECTOR

Researchers discovered a new global campaign dubbed Operation Sharpshooter that targets 87 nuclear, defence, energy, and financial entities across the world. Operation Sharpshooter uses macros-laden documents to download a first-stage in-memory implant that delivers a second-stage reconnaissance implant dubbed Rising Sun, which uses code from Lazarus Group’s Trojan Duuzer from 2015. The macros-laden documents are disseminated via Dropbox links shared over social media. Rising Sun collects data about network adapter, computer name, operating system product name from registry, username, and IP address.

References:
[1] ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883