Oil & Gas

Activity Summary - Week Ending 26 July 2019:

• Wapack Labs identified 45,077 connections from new unique IP addresses
• Proprietary sources identified 299,898 new IP addresses participating in various Botnets
• Polymorphic Scripts
• EvilGnome and Linux
• Russi

Activity Summary - Week Ending 18 July 2019:

• Wapack Labs identified 32,623 connections from new unique IP addresses
• Proprietary sources identified 127,621 new IP addresses participating in various botnets
• GoBotKR Backdoor
• Hidden Cobra Again
• One of th

Activity Summary - Week Ending 5 July 2019:

• Wapack Labs identified 79 unique email accounts compromised with keyloggers;
• Analysts identified 68,950 sinkhole connections from new unique IP addresses
• Proprietary sources identified 645,174 new IP addresses

Activity Summary - Week Ending 5 July 2019:

• Wapack Labs identified 53,932 connections from new unique IP addresses
• Compromised IP: Spain Madrid Telefonica De Espana Sau
• Proprietary sources identified 226,001 new IP addresses participating in various

Activity Summary - Week Ending 28 June 2019:

• Wapack Labs identified 96,150 connections from new unique IP addresses
• Proprietary sources identified 172,992 new IP addresses participating in various botnets
• Plurox, a “Back Stage Pass”
• BTCTurk Pro Beta

Activity Summary - Week Ending 21 June 2019:

• Wapack Labs identified 24,170 connections from new unique IP addresses
• Proprietary sources identified 213,765 new IP addresses participating in various Botnets
• top C2 IP keylogger collection IP: 185.124.22

Activity Summary - Week Ending 14 June 2019:

• Wapack Labs identified 104 unique email accounts compromised with keyloggers
• Analysts identified 49,113 connections from new unique IP addresses
• Proprietary sources identified 611,068 new IP addresses par

Activity Summary - Week Ending 7 June 2019:

• Global Guardian identified 49,113 connections from new unique IP addresses
• Manobina Enterprise email is pwned, pipe valve company exporter in India
• Raviraj Institute of Fine Arts is being spoofed, India ar

Activity Summary - Week Ending 31 May 2019:

• Wapack Labs identified 50,949 connections from new unique IP addresses
• Turkey’s Leader Erdogan’s name is being used as a Spoof in Germany
• Proprietary sources identified 629,070 new IP addresses participati

Activity Summary - Week Ending 24 May 2019:

• Wapack Labs identified 68,359 connections from new unique IP addresses
• Proprietary sources identified 514,587 new IP addresses participating in various botnets
• Smoke Screen in Asia
• Slack Bug Malware Inject

Activity Summary - Week Ending 17 May 2019:

• RU Federation Naberezhnyye Chelny Jsc Er-telecom Holding seen again as a compromised (C2) IP
• Wapack Labs identified 51,037 connections from new unique IP addresses
• Proprietary sources identified 372,912 ne

Figure 1. M/T Amjad, one of the ships attacked in UAE waters.

The US Maritime Administration (MARAD) sent out a warning to all US flagged vessels, including oil tankers sailing through key Middle East waterways, they could be targeted by Iran.[1]  Th

Activity Summary - Week Ending 10 May 2019:

• Wapack Labs proprietary sources identified 502,178 new IP addresses participating in various botnets
• Russian Federation Naberezhnyye Chelny Jsc Er-telecom Holding company’s IP is compromised
• Wapack Labs id

Extinction Rebellion and the Sunrise Movement are two relatively new environmental groups who are directly targeting the oil and gas energy sector in predominantly the Unites States and Western Europe.  Extinction Rebellion (ER) has been responsible

Activity Summary - Week Ending 12 April 2019:

• Ukraine Kiev Rm Engineering Llc is a compromised C2
• Attack Server- youusednspy@yandex.com / dnSpy is a debugger and .NET assembly editor lure
• Hacking DragonEx Cryptocurrency
• Tax Season Malware Campaigns

Summary

Wapack Labs observed malicious email trending on CTAC which detected an uptick in Darwish Trading Company (DTC) spoofing.  Hackers pretend to be from this Qatari company as it has a wide range of business activities to include servicing the oi

China’s need for energy has skyrocketed over the last 20 years as the country has gotten richer and the middle class—now 400 million—has grown into a significant segment of the population.  Energy demands are not being met by domestic production, so

Activity Summary - Week Ending 22 March 2019:

• Wapack Labs identified 74,293 connections to sinkholes from new unique IP addresses
• Proprietary sources identified 830,871 new IP addresses participating in various botnets
• #WinRAR exploit
• Winnti Malware

Activity Summary - Week Ending 15 March 2019:

• AL Shirawi Enterprises in Dubai is keylogged again for the 2^nd week
• Wapack Labs identified 75,628 connections from new unique IP addresses
• Analysts identified 329,141 new IP addresses participating in va

Activity Summary - Week Ending 08 March 2019:

• Wapack Labs identified 375 unique email accounts compromised with keyloggers
• Researchers identified 46,515 connections from new unique IP addresses
• Wapack Labs proprietary sources identified 575,681 new