Threat Intelligence Report - EclecticIQ Hypotheses: Infection Vector for German Government Breach (English)

On 28th February the German Interior Ministry confirmed that it had identified an attack against its servers in December 2017. In this report EclecticIQ Fusion Center analysts summarize what is known to date and provide a set of hypotheses about the infection vector.

Report from EclecticIQ Fusion Center from Wednesday 14 March 2018.

Key Findings:

The ILIAS e-Learning platform was likely infiltrated by adversaries to serve malicious documents of the kind commonly provided with online courses.

The e-Learning portal was running an outdated version, which might have aided attackers in exploiting vulnerabilities.

It is unknown if or how Government computers in a closed network could have accessed the e-Learning portal hosted online.

ILIAS is broadly distributed across industries.
