You will have done a good job and you can end your career. Compared to typical cybercriminals, they were very sophisticated, both technically and organizationally. That being said, if I detected Lurk today, I would certainly be less impressed and just see them as a group that adopted excellent methods. The court verdict is a Job Function Email Database good excuse to look back and understand why their criminal activity was so special. Their infection tactic We should start with the attack vector. The cybercriminals used the method of the watering hole attack , posting a page that redirected to an exploit kit on several media company sites. This method was not new, but in this case, for the computer to be infected, the victim still an accountant) had to visit the site during his lunch break only.

The exploit kit downloaded an intangible Trojan onto the computer which was only used for spying purposes. Cybercriminals would first investigate what programs were running on the machine, if there were traces of banking software or research programs, and what subnets the device was using. Banking and government networks were the primary focus. In other words, they determined if the computer was interesting and knew exactly who they wanted to infect. The main malware was downloaded only if the computer was really fascinating.