Normally in cybersecurity, we hear about hacking attacks and immediately sympathize with the victim. It’s usually an individual or a business that suffers the most; yet, a recent trend is showing that hackers are lashing out at one another in response to certain threats. In response to a hack from the cyberespionage group Naikon, another group, Hellsing, retaliated with their own attack.
It might seem like a classic case of good ol’ revenge, but the researchers at Kaspersky Labs seem to think it hints toward a new trend in the world of cybercrime. They are calling it the advanced persistent threat (APT) wars, in which two major threats duke it out for supremacy over their target.
The attack in question was initiated on April 15, 2015, when Naikon targeted the smaller threat, Hellsing, with a spear phishing attack. Hellsing, however, didn’t respond well to the attack, and instead turned their own malware against Naikon. Naikon responded by posing as a member of a foreign government. As you might imagine, this back-and-forth action continued with both parties, ultimately resulting in Hellsing sending a password-protected message containing a backdoor specially made to target Naikon.
Commenting on the behavior of these two entities, Costin Daiu, Director of the Global Research and Analyst Team of Kaspersky Labs, reports:
The targeting of the Naikon group by Hellsing, in some sort of a vengeful vampire-hunting — “Empire Strikes Back” style, is fascinating. In the past, we’ve seen APT groups accidentally hitting each other while stealing address books from victims and then mass-mailing everyone on each of these lists. However, considering the targeting and origin of the attack, it seems more likely that this is an example of a deliberate APT-on-APT attack.
These two threats going after each other tooth and claw was likely in the interest of gathering information; something which advanced persistent threats are known for. It’s an interesting exchange of blows, almost like they’re trying to outsmart each other. It’s the classic example of who can gain advantage of vital information that can be leveraged for greater profits.
Will the future see a world in which cybercriminals scramble for power, only to fall from grace and be lost to the ages, like the remains of an empire spreading itself too thin? Only time can tell. In the meantime, not even other hackers are safe from advanced persistent threats that lurk on the Internet. As a business owner and end user, the last thing you want to do is get caught between two wild hacking animals vying for a scrap of meat. Be sure to keep your machines up to date with the latest patches and upgrades that will minimize the possibility of a hacking attack.