Russian Cyber Threat Groups – Could they compromise your Twitter Handle?

Cyber threat groups frequently design innovative ways to cover their tracks. In early 2015, a new piece of malware, which analysts are calling HAMMERTOSS, emerged from an advanced persistent threat (APT) group.

The Russian attacker group that FireEye knows as APT29 employs HAMMERTOSS to compromise its targets. Using a variety of techniques, from creating an algorithm that generates daily Twitter handles to embedding pictures with commands, the developers behind HAMMERTOSS have devised a particularly effective tool. HAMMERTOSS uses Twitter, GitHub, and cloud storage services to relay commands and extract data from compromised networks.

Watch this insightful on-demand webinar from FireEye’s Threat Intelligence Analysts discussing:

  • How HAMMERTOSS works – the five stages, from looking for a Twitter handle to executing commands, including uploading the victim’s data to cloud storage services
  • Who APT29 is – their history, targets and methodology
  • Critical insights on HAMMERTOSS and APT29