‘Relentless’ Hacking Group Targeting Saudi Arabia, U.S., Says Symantec

The Elfin espionage group, also called APT33, has remained highly active over the past three years, attacking at least 50 organizations in Saudi Arabia, the United States, and a range of other countries, reports the computer security firm Symantec.

The group, which first became active in late 2015 or early 2016, specializes in scanning for vulnerable websites to identify potential targets, either for attack or for the creation of command and control infrastructure. It has compromised a wide range of targets in Saudi Arabia, the United States and elsewhere, including government agencies along with organizations in the research, chemical, engineering, manufacturing, consulting, finance, telecoms, and several other sectors.

Elfin continues to be focused heavily on Saudi Arabia, which accounted for 42 percent of attacks observed by Symantec since the beginning of 2016. However, the United States has also been a country of significant interest to the group, with 18 organizations attacked over the past three years, including a number of Fortune 500 companies.

Elfin’s U.S. targets have included organizations in the engineering, chemical, research, energy consultancy, finance, IT, and healthcare sectors.

Some of these U.S. organizations may have been targeted by Elfin for the purpose of mounting supply chain attacks. In one instance, a large U.S. company was attacked in the same month a Middle Eastern company it co-owns was also compromised.

Elfin has deployed a wide range of tools in its attacks including custom malware, commodity malware, and open-source hacking tools.

Read more at the Symantec website

(Visited 9 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

SIGN UP NOW for FREE News & Analysis on topics of your choice across homeland security!

BEYOND POLITICS.  IT'S ABOUT THE MISSION. 

Go to Top