In China, command and control (C&C) centers targeted many countries. The attack began with a malicious email containing logically important and relevant information, which led to the execution of malware delivered as an attachment. Once installed, the malware downloaded the Ghost Remote Administration Toolkit to manage the infected systems remotely. The Chinese C&C server could then send orders and store the data exfiltrated from its victims.
Operation Aurora (2009): It began in China in 2009 to steal sensitive information from high-tech, security and defense companies. Attackers exploited a "use after free" vulnerability in Internet Explorer that resulted in corruption of HTML object memory. (A use-after-free vulnerability allows attackers to inject code into the memory area of an object after the object has been deleted, without the object being reallocated. In other words, the object is created, the object is deleted to release its memory, code is injected into the freed memory by creating a new object, and the reference to the deleted object is then used to execute that code and gain a shell.) A drive-by download attack infected users' machines with malware by exploiting this vulnerability.
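The create, delete, reuse and stale-use sequence described in the parenthesis can be modelled without touching freed memory. This is an added example, not code from the essay and not the Internet Explorer code; the slot pool and the names `handle_t`, `pool_alloc`, `pool_free`, `pool_get` and `pool_get_unchecked` are hypothetical. The unchecked lookup shows a stale handle reading the new occupant's data, and the generation check is one common mitigation that rejects it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define POOL_SLOTS 4   /* constructed pool size */
/* Hypothetical types: a handle names a slot plus the generation it was issued for. */
typedef struct { uint32_t index, generation; } handle_t;
typedef struct { uint32_t generation; int live; char data[16]; } slot_t;
static slot_t pool[POOL_SLOTS];

/* "Object is created": claim the first free slot, bind the handle to its generation. */
handle_t pool_alloc(const char *payload) {
    for (uint32_t i = 0; i < POOL_SLOTS; i++) {
        if (pool[i].live) continue;
        pool[i].live = 1;
        snprintf(pool[i].data, sizeof pool[i].data, "%s", payload);
        return (handle_t){ i, pool[i].generation };
    }
    return (handle_t){ UINT32_MAX, 0 };   /* pool exhausted */
}

/* A handle is valid only if in range, live, and issued for the current generation. */
static slot_t *resolve(handle_t h) {
    if (h.index >= POOL_SLOTS) return NULL;
    slot_t *s = &pool[h.index];
    return (s->live && s->generation == h.generation) ? s : NULL;
}

/* "Object is deleted": release the slot and bump its generation so old handles go stale. */
int pool_free(handle_t h) {
    slot_t *s = resolve(h);
    if (!s) return -1;   /* stale handle or double free */
    s->live = 0;
    s->generation++;
    return 0;
}

/* Models a raw dangling pointer: returns whatever occupies the slot now. */
const char *pool_get_unchecked(handle_t h) { return h.index < POOL_SLOTS ? pool[h.index].data : NULL; }

/* Hardened lookup: a stale handle yields NULL instead of the new occupant's data. */
const char *pool_get(handle_t h) { slot_t *s = resolve(h); return s ? s->data : NULL; }

int main(void) {
    handle_t a = pool_alloc("original");
    pool_free(a);
    pool_alloc("replacement");   /* reuses the slot that a still names */
    printf("unchecked: %s, checked: %s\n", pool_get_unchecked(a), pool_get(a) ? "valid" : "rejected");
    return 0;
}
```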
In the China case (2010), China's IP Telecom, China's largest provider of broadband Internet connections, was targeted, and a problem in the Border Gateway Protocol (BGP), which routers use to identify routes for Internet traffic, was exploited. The Chinese attackers sent incorrect traffic that updated the routing tables of several routers around the world. Because routers were the attack platform, the targeted attack had a side effect on wider sectors of the Internet.
Stuxnet was designed to exploit Siemens Programmable Logic Controllers in SCADA networks with the sole aim of destroying centrifuges used in nuclear material processing. The Stuxnet framework exploited four zero-day vulnerabilities, in the Windows print spooler, the LNK format, the SMB server (kernel), and the task scheduler. A Stuxnet variant named Duqu was recently spotted in the wild.
The targets were government entities, chemical makers, human rights groups and defense contractors. To spread the Poison Ivy agent, still as part of the Nitro campaign, attackers exploited a zero-day vulnerability in Java in 2012.
Poison Ivy was used to infect US government website visitors by exploiting the zero-day Internet Explorer vulnerability. This RAT was used by a wide variety of hacking groups and in various operations, including at least three separate APT campaigns.