McAfee has released a report showing the global cyber espionage campaign Operation Sharpshooter, discovered in 2018, was larger and took longer than previously reported by authorities.
The cybersecurity company announced Sunday the results of an analysis of the code and data from a command-and-control server that supported the operations, tools and tradecraft during the spy campaign.
McAfee said it found Sharpshooter involved multiple unknown command-and-control centers, started earlier in 2017 and targeted a broader set of organizations, industries and countries.
In December of last year, Sharpshooter targeted over 80 organizations across industries, including telecommunications, energy, government and defense.
McAfee said the campaign is still ongoing, now focusing on financial services, government and critical infrastructure.
The analysis suggests Germany, Turkey, the United Kingdom and the U.S. were the primary targets of the campaign.
Raj Samani, McAfee fellow and chief scientist, said the report could help improve how organizations implement cyber defenses to block the threats.
The analysis provides “greater insight into how the perpetrators behind Sharpshooter developed and configured control infrastructure; how they distributed the malware; and how they stealthily tested campaigns prior to launch,” Samani said.