Starting in late 2015, the OilRig malware campaign began targeting government organizations in the United States. After gaining access through phishing emails, the attackers controlled victim machines and could perform basic tasks like those of a remote-access trojan.
Download this report from the LogRhythm Labs Team, which helps security operations center analysts better detect and respond to the OilRig threat, and learn its major findings, such as:
- 23 unique samples of weaponized documents have been identified;
- The samples correspond to roughly four families of malware;
- Capabilities of the analyzed malware samples include very basic command execution, file upload and file download.