# OPERATION DUST STORM ATTACK TIMELINE


### May 2015

Attack group
adopts and customizes
several Android backdoors


Attacks leverage an
unpatched Internet
Explorer 8 vulnerability
to gain a foothold into
victim networks and
start to garner
some notoriety.


Attack campaign
leverages previously
used flash exploit and
Internet Explorer
zero-day.


Two new waves of attacks
are launched, targeting
multiple Japanese
companies including a
Japanese subsidiary of
a South Korean electric
utility and a major
Japanese oil and gas
company. The most likely
goals are reconnaissance
and long-term espionage.


SPEAR believes that
attacks of this nature
into companies
involved in Japanese
critical infrastructure
and resources are
ongoing and likely to
continue to escalate
in the future.


A number of second-stage
backdoors with hardcoded
proxy addresses and
credentials compromise
a number of Japanese
companies involved in
power generation, oil
and natural gas,
construction, finance,
and transportation.


### 2011


-----