GEC NEWS WIRESecureWorks released new research on a long-running cyber espionage threat group named Bronze Union, believed to be located in and operating from the People’s Republic of China. The SecureWorks Counter Threat Unit comes to this conclusion based on analysis of Bronze Union’s espionage operations, targeting, and tools – outlined in the newest report.
More recently, in November 2016, Bronze Union specifically targeted high-profile Turkish organizations. During the targeting period of eight days, seventeen Turkish government IP addresses, five Turkish banks and two Turkish academic networks downloaded the threat group’s malware. SecureWorks notes that Bronze Union’s abrupt and concerted effort to compromise Turkish networks represents a notable shift in the group’s targeting behavior and highlights the breadth of this threat group’s intent towards organizations in Turkey. The new SecureWorks report offers several explanations for the increased interest in Turkish targets.
Regarding the tool used, Bronze Union is known to use strategic web compromises, and continues to use this infection vector in campaigns. Due to the success of this threat group and its recent activity, SecureWorks expects that these threat actors will continue their espionage, for as long as their tactics and procedures continue to be successful in breaches worldwide.
