Virus Type: Spyware, Advanced Persistent Threat, Trojan, Malware
Poseidon Group is a commercial entity, whose attacks involve custom malware digitally signed with rogue certificates, deployed to steal sensitive data from victims and to coerce them into a business relationship. The information gathered is then leveraged by a fronting business to manipulate victim companies into contracting the Poseidon Group as a security consultant - under the threat of exploiting the stolen information in a series of shady business deals to benefit Poseidon. The malware is designed to function specifically on English and Brazilian Portuguese Windows machines.
At least 35 victim companies have been identified with primary targets including financial and government institutions, telecommunications, manufacturing, energy and other service utility companies, as well as media and public relations firms.
Victims of this group have been found in the following countries:
If you are in a risk group make sure you are using advanced anti-malware solutions as well as consulting with a reliable security company. You can download the free virus scan Kaspersky Security Scan to scan a machine for malware and check for infection.
Kaspersky Lab’s products detect and remove all known versions of Poseidon Group components. Companies should pay attention to the cybersecurity awareness among their employees to prevent them from opening emails with malware attachments. An accurate security audit by a reliable security company is also essential.
Poseidon Group: Global Cyberespionage Malware Boutique - Threat Definition