14 DAY TRIAL // A few days ago, security firm McAfee published a report on Operation Troy, the 4-year-long cyber espionage campaign aimed at South Korea. Researchers determined that the recent attacks against the country were launched by two groups, the NewRomanic Cyber Army Team and the Whois Hacking Team.
Operation Troy, previously known as DarkSeoul, has several sub-campaigns, one of which is aimed at military forces in South Korea.
On Friday, the company started publishing indicators of compromise (IOC) data, which can be used to identify attacks carried out by the cybercriminals.
The Operation Troy IOC is available in OpenIOC format. The data can be analyzed with various free tools or with McAfee’s Network Security Platform, HIPS, GTI Proxy or Web Gateway.
McAfee has published a video to show users how the OpenIOC data can be imported into McAfee Web Gateway.