View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 14, 2014

Flea hackers target Brisbane G20 Summit

Spear-phishing emails used to nab data from financial and government bodies.

By Jimmy Nicholls

The hacking group Flea is targeting this year’s G20 Summit in Brisbane, Australia with the intention of stealing sensitive data, according to the security company Symantec.

Malicious emails have been circulating in the run-up to the event, hitting an international economic group and an organisation connected to several monetary authorities.

Symantec said: "The Flea attack group carries out new attacks every four to eight months, suggesting that the group only wishes to steal information over a short amount of time.

"Flea’s attack tools also indicate that the group is not interested in laterally moving across compromised networks to reach other targets."

The hackers use spear-phishing emails with malicious attachments to attack their victims, with the content of the message based on political conferences, nuclear issues or the Olympics.

Once the documents are downloaded, the backdoor Infostealer.Hoardy is dropped onto the system, allowing the hackers to run shell commands and transfer files on and off the infected machine.

"A non-malicious Word document is also opened up on the compromised computer to ensure that the recipient doesn’t suspect that anything is amiss," Symantec added.

Content from our partners
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
When it comes to AI, remember not every problem is a nail

Personnel departments are also used as an entry point, with hackers creating phoney job applications for the firms they are looking to infect in order to carry out reconnaissance.

Flea is thought to have been active since 2010, when it was seen targeting the G20 Summit in Seoul, South Korea in similar circumstances.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.