Wild Neutron/Butterfly is back — the secretive cybercrime group

  • Team Omega
  • July 16, 2015

Wild Neutron - Economic espionage threat actor returns with new tricksThe year 2013 was fraught with cyber crimes on high-profile names — Facebook, Twitter, Apple, Microsoft.

#WildNeutron is a powerful entity engaged in espionage. According to Symantec and Kaspersky, the group used a ‘combination of exploits, watering holes and multi-platform malware’.

Both Kaspersky and Symantec have concluded that Wild Neutron is not sponsored by any state, and the only purpose of their attacks is to make money selling valuable information.

Although the group went into hiding for sometime, they have been steady in their attacks since 2012 and increasingly so.

The latest round of attacks in 2015 used a stolen code signing certificate belonging to Taiwanese electronics maker Acer and an unknown Flash Player exploit. Butterfly 2.png

Symantec blog reports, “Butterfly is technically proficient and well resourced. The group has developed a suite of custom malware tools capable of attacking both Windows and Apple computers, and appears to have used at least one zero-day vulnerability in its attacks. It keeps a low profile and maintains good operational security. After successfully compromising a target organization, it cleans up after itself before moving on to its next target.”

For more information check out the Symantec and Kaspersky blog posts.

Visit OmegaSecure to find out how to secure your retail systems and manage your environment from one centralized console.