New malicious cyber operations prove that one does not need to have a machine gun to wound one's enemy. With such cyber surveillance operations as TeamSpy on board, political organizations can be sure to experience data thefts that can be an outcome of geopolitical reconnaissance. The latest high-profile attack has been carried on against Hungary. Although the exact details about the incident remain classified, the campaign itself has been analyzed by security experts.
According to the analysis data, TeamSpy emerges as a surveillance operation. It targets high level political targets mainly in the Commonwealth of Independent States and East European countries. TeamSpy does not limit itself to government agencies only, private business corporations can also be targeted by this malware campaign.
The reason why this operating is called TeamSpy is, because cyber criminals make use of a legal remote administration tool TeamViewer to illegally access target computers. Naturally, if a user utilizes TeamViewer, he or should to notice that someone is spying on them, but the hackers behind TeamSpy hides all signs of TeamViewer's presence in a compromised computer by injecting the program into memory.
TeamSpy is known to steal such sensitive information as highly important content and private keys and passwords. It can also hack and steal Apple iOS history data via iTunes. What is more, since it makes use of TieamViewer, the operation makes screen shots and logs keystrokes to collect sensitive data.
Although TeamSpy has not been noticed to infect lone users, infecting governmental and business organizations puts ordinary computer users and citizens in danger as well. That is why political organizations and others should consider their cyber security seriously. First and foremost, scanning possible target computers for "teamviewer.exe" would be a great thing to start with. The access to certain command-and-control domains should be blocked as well, not to mention that organizations should have strong cyber security plans implemented.
Being attacked by TeamSpy puts multiple users and citizens in danger, so the malicious cyber campaign should be put to a stop.