A sophisticated cyber espionage campaign dubbed “Operation Sea Elephant” has been discovered targeting scientific research organizations, with a particular focus on ocean-related studies. The operation, attributed to a threat actor group known as CNC with South Asian origins, aims to steal valuable research data to ensure regional dominance in the Indian Ocean. While the stolen Windows-based documents did not contain production data, they provide foreign intelligence organizations with valuable insights into project progress, technical direction, and strategic planning of targeted research teams. Stolen documents from compromised systems revealed the attackers’ interest in multiple marine research areas including inner wave water transport, ocean sequestration, and marine emerging industries. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Security experts at Qiaxin discovered the campaign in mid-2024 when they identified an attack collection numbered UTG-Q-011, which shared code with previously known CNC operations. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. The CNC group has demonstrated significantly enhanced capabilities compared to other Advanced Persistent Threat (APT) groups operating in South Asia. Only files larger than 40KB are collected, suggesting the attackers are filtering for documents with substantial content rather than simple placeholders or templates. After compromising a system, the attackers move laterally by controlling the victim’s instant messaging applications such as WeChat and QQ to distribute malicious programs to colleagues and associates.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 07 Mar 2025 12:35:09 +0000