Machete: Dissecting the Operations of a Cyber Espionage Group in Latin America

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F19%3A00332902" target="_blank" >RIV/68407700:21230/19:00332902 - isvavai.cz</a>

Výsledek na webu

<a href="https://ieeexplore.ieee.org/abstract/document/8802467" target="_blank" >https://ieeexplore.ieee.org/abstract/document/8802467</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/EuroSPW.2019.00058" target="_blank" >10.1109/EuroSPW.2019.00058</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Machete: Dissecting the Operations of a Cyber Espionage Group in Latin America

Popis výsledku v původním jazyce

Reports on cyber espionage operations have been on the rise in the last decade. However, operations in Latin America are heavily under researched and potentially underestimated. In this paper we analyze and dissect a cyber espionage tool known as Machete. Our research shows that Machete is operated by a highly coordinated and organized group who focuses on Latin American targets. We describe the five phases of the APT operations from delivery to exfiltration of information and we show why Machete is considered a cyber espionage tool. Furthermore, our analysis indicates that the targeted victims belong to military, political, or diplomatic sectors. The review of almost six years of Machete operations show that it is likely operated by a single group, and their activities are possibly state-sponsored. Machete is still active and operational to this day.

Název v anglickém jazyce

Machete: Dissecting the Operations of a Cyber Espionage Group in Latin America

Popis výsledku anglicky

Reports on cyber espionage operations have been on the rise in the last decade. However, operations in Latin America are heavily under researched and potentially underestimated. In this paper we analyze and dissect a cyber espionage tool known as Machete. Our research shows that Machete is operated by a highly coordinated and organized group who focuses on Latin American targets. We describe the five phases of the APT operations from delivery to exfiltration of information and we show why Machete is considered a cyber espionage tool. Furthermore, our analysis indicates that the targeted victims belong to military, political, or diplomatic sectors. The review of almost six years of Machete operations show that it is likely operated by a single group, and their activities are possibly state-sponsored. Machete is still active and operational to this day.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of 4th IEEE European Symposium on Security and Privacy

ISBN

978-1-7281-3026-2

ISSN

—

e-ISSN

—

Počet stran výsledku

10

Strana od-do

464-473

Název nakladatele

IEEE Xplore

Místo vydání

—

Místo konání akce

Stockholm

Datum konání akce

17. 6. 2019

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000485315600052