Published On: Wed, Jun 25th, 2014

Havex malware used for targeted attacks: F-Secure report

F Secure

The global security leader F-Secure deeply researched and analysed the Havex malware family as it is used in targeted attacks against various industry sectors. The main components of Havex include Remote Access Trojan (RAT) and a server written in PHP. The research by F-Secure reveals that there are three software vendor sites that were compromised in this manner. The software installers of these sites were trojanized to make way for Havex RAT. All the three companies are involved in the development of applications and appliances for the purpose of industrial application. Two of these organisations supply remote management software for ICS systems and the third one develop cameras and related software.

F-Secure further analysed that Havex took special interest in Industrial Control System (ICS). The aim of the attackers is to trojanize the software available for download at the ICS manufacturer websites with the purpose to infect the computers attached to the ICS environment. F-Secure noticed and gathered 88 variants of the Havex RAT, which were used in gaining the access to the data from networks and machines. In the analysis the company investigated 146 command and control (C&C) servers contacted by the variants and also traced down 1500 IP addresses in an attempt to find out the victim.

The F-Secure research also indicates that the attackers used compromised websites and blogs as C&C servers, as it help them to easily infect the machinery used in ICS. This also makes it clear that the attackers are interested in both the networks of the company and the ICS systems of the organisations.

About the Author

Heena Gupta

- A reader at heart, this girl loves to express through writing. Her ears perk up as soon as she senses any tech molecule in the air. With the ability to use and navigate typical technologies she becomes a complete tech enthusiast. This post graduate in Mass Communication lives in the world of gadgets. Fiction, history and cartoons keep her busy in the free time. Her urge to grow mixed with excellent writing skills forces us to have her as a part of our workforce.

Havex malware used for targeted attacks: F-Secure report