Spanish language forum research by Wapack Labs has uncovered an Argentinian programmer who provides numerous malicious tools in many forums. These tools include numerous forms of Remote Access Tools (RATs), Distributed Denial of Service (DDoS), and defacer keyloggers which can be used in numerous ways - for illegitimate purposes. This actor appears to be a skilled programmer possibly living in Argentina, as is indicated in the actor's related blog profile. Its unsure what the motives are since the malicious tools are offered for free. Actor has been providing malicious tools for the past five years. This information is being supplied for your situational awareness.
Publication
date: 20
October 2016
Handling
requirements: Traffic
light protocol (TLP) GREEN
Attribution/Threat
Actor: Argentina
Actor
Type: Adversary
capabilities have been assessed as Tier II*
Potential Targets: Worldwide
– Spanish/Hispanic consumers
Past Reporting: Red Sky Alliance: DOC-4323
* Practitioners
with a greater depth of experience, with the ability to develop their own tools (from publicly known vulnerabilities).
The full attribution report has been published in its entirety in the Red Sky Alliance portal. For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or feedback@wapacklabs.com.
About Wapack Labs
Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber. Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information. The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.
