[SILVERFISH] Global Cyber Espionage Campaign Case Report

June 17, 2021 22:31

The PRODAFT Threat Intelligence (PTI) Team has uncovered a global cyber-espionage campaign, which has strong ties with the SolarWinds attack and the EvilCorp.

Victims include dozens of Fortune500 companies, a three letter US organization, and various ministries/departments (from the U.S. and the E.U.) which have previously admitted being breached.

The report also features "Modus Operandi" of the attackers, which is found to be as exciting as the technical aspects as well. We have notified several CERTs and LE bodies around the world, and involving victims in their area of authority.

We would like to state that we have intentionally avoided from making any attributions in our report regarding the SilverFish. This is due to the fact that we believe these kind of assumptions can easily be transformed into a baseless hype in the media in a way that shadows the research we have put in.

Finally, we would like to present our deepest gratitude to our advisors (Jean-Christophe Le Toquin, Senad Aruc, Nils Roald), partners, the national CERT of Switzerland, and especially the cantonal police force of Vaud for their timely support and dedication.

Cyber Espionage