VIRUS DEFINITION

Virus Type: Spyware, Advanced Persistent Threat

What is Blue Termite?

Blue Termite is a cyberespionage campaign that has been targeting hundreds of organizations in Japan for at least two years. The attackers hunt for confidential information and utilize a zero-day Flash player exploit and a sophisticated backdoor, which is customized for each victim.

Who are the victims of its attacks?

Kaspersky Lab has been able to identify several hundred victims, in Japan.

Targets of Blue Termite attacks include in the following sectors:

  • Governmental organizations
  • Manufacturing
  • Financial
  • Chemical
  • Satellite
  • Media
  • Medical
  • Food
  • Education organizations

Am I at risk?

You might be a target for Blue Termite if the following risk factors are relevant to you:

Risk factors:

  • If you are in Japan or often travel there and you work for/with an industry targeted by the attackers
  • If you regularly visit Japanese websites
  • If you use an unpatched Adobe Flash Player

How do I know if I’m infected?

Kaspersky Lab products detect the malware used in Blue Termite campaign as:

  • Backdoor.Win32.Emdivi.*
  • Backdoor.Win64.Agent.*
  • Exploit.SWF.Agent.*
  • HEUR:Backdoor.Win32.Generic
  • HEUR:Exploit.SWF.Agent.gen
  • HEUR:Trojan.Win32.Generic
  • Trojan-Downloader.Win32.Agent.*
  • Trojan-Dropper.Win32.Agent.*

How can I protect myself?

To protect against Blue Termite attacks, make sure you follow these basic security best practices:

Vi använder cookies för att förbättra din upplevelse av våra webbplatser. Genom att använda och fortsätta navigera på den här webbplatsen godkänner du detta. Om du vill ha mer information om användning av cookies på den här webbplatsen klickar du på Mer information.

Godkänn och stäng