Icefog OpenIOC Release

GReAT
Kaspersky Lab Expert
Posted September 26, 13:00 GMT

Yesterday we published our research on Icefog, a sophisticated cyber-espionage operation. You can read more about it here. We also have a detailed FAQ and in-depth report.

We're sharing Indicators of Compromise for Icefog based on the OpenIOC framework. This gives organizations an alternative way of checking their network for the presence of (active) Icefog infections.

You can download the zipped IOC file here.

Kaspersky products detect all malicious files associated with Icefog.


2 comments


lseltzer

2013 Sep 28, 18:49

Windows only, right?

Just glancing at the file I'm guessing it only describes indications on Windows systems. Am I correct?


5ynaptic

2013 Sep 29, 18:49

For the IOC XML, appears so

However, if you dig into the full report (in-depth report) there's a breakdown of the Mac-based malware (MacFog) and some of the IOCs you would be looking for

HTH
