It’s thought that Poseidon went relatively unnoticed during that period because its various attacks were not previously linked to one another. Security firms and enthusiasts alike spotted individual cases, but it wasn’t until last year that Kaspersky’s Global Research and Analysis Team — otherwise known as GReAT — managed to put the pieces together.
Poseidon targeted companies with spear-phishing emails containing attached RTF files (Rich Text Format) and Microsoft Word documents. These messages were typically directed toward human-resources workers, and contained malware that enabled the attacker to thoroughly explore the topography of the target network, according to a report from PC World.
From there, Poseidon would steal intellectual property and trade secrets, which could then be used to blackmail the target. Organizations have been coerced into taking on the services of the Poseidon Group as a security firm, who would supposedly help fix the problems they were experiencing — of course, malware was often left behind for future usage.
Kaspersky reports that Poseidon made attacks on government institutions, banks, telecommunications firms, and media groups, among others. Its activities have been traced back to at least 2005, but the oldest sample found suggests that the scheme was in the works as early as 2001.
Poseidon survived this long by making regular changes to the way it perpetrated attacks, something that will be more difficult now that Kaspersky has a handle on its methods. As part of the company’s research into the group, the security researchers contacted affected organizations with information on how to defend themselves going forward.
Editors' Recommendations
- Ransomware attacks have spiked massively. Here’s how to stay safe
- This huge DDoS attack was one of the longest ever recorded
- Europe just suffered its worst DDoS attack ever, but we don’t know why
- The Spectre flaw is back — and Intel Alder Lake isn’t safe
- Microsoft Teams will now protect you against phishing attacks
