Whitefly
MITRE: G0107Whitefly is a cyber espionage group that has been operating since at least 2017. The group has targeted organizations based mostly in Singapore across a wide variety of sectors, and is primarily interested in stealing large amounts of sensitive information. The group has been linked to an attack against SingaporeâÂÂs largest public health organization, SingHealth.
Whitefly is an advanced persistent threat (APT) that has been active since at least 2017 and targets government organizations, financial institutions, defense contractors, and other high-value targets in various countries including Russia, Ukraine, the United States, Germany, Italy, Japan, and South Korea. It uses a variety of techniques to gain access to its target networks, such as spear phishing emails or exploiting vulnerabilities in software. Once inside, Whitefly can steal sensitive information, install backdoors for future access, and perform other malicious activities. The group behind the APT is believed to be based in Russia but has not been officially identified by any government agency.
Techniques, tactics and practices:
Whitefly uses a variety of techniques to gain access to its target networks, such as spear phishing emails or exploiting vulnerabilities in software. Once inside, it can steal sensitive information, install backdoors for future access, and perform other malicious activities. The group behind the APT is believed to be based in Russia but has not been officially identified by any government agency.
