Threat Intelligence Report

EclecticIQ Hypotheses: Infection Vector for German Government Breach (English)

On 28th February the German Interior Ministry confirmed that it identified an attack against its servers in December 2017. In this report EclecticIQ Fusion Center analysts will summarize what is known to date and will provide a set of hypotheses about the infection vector.

Report from EclecticIQ Fusion Center from Wednesday 14 March 2018.

Key Findings:

ILIAS e-Learning platform likely infiltrated by adversaries to serve malicious documents that are commonly provided with online courses.
e-Learning portal was running outdated version, which might have aided attackers in exploitation of vulnerabilities.
Unknown if or how Government computers in a closed network could have accessed the e-Learning portal hosted online
Broad distribution of ILIAS across industries

About EclecticIQ

EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.

Download Report

About EclecticIQ

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.