A Few of Unit 42’s Greatest Contributions to Threat Intelligence Research

Dec 23, 2019
3 minutes

In 2015, Unit 42, the global threat intelligence division at Palo Alto Networks, discovered that more than 39 iOS apps were infected with xCodeGhost, the first compiler malware in OSX. By targeting the compilers used to create legitimate apps, xCodeGhost is able to use infected apps to collect information from devices and upload that data to command and control (C2) servers. After finding xCodeGhost in popular apps including WeChat and Didi, Unit 42 shared their samples, threat intelligence and research with Apple, Amazon and Baido to stop the attacks or mitigate the security threat. 

This is just one example of the work of Unit 42, whose mission is to research and document the details of adversaries’ playbooks and quickly share them with systems, people and organizations who can use them to prevent successful cyberattacks. 

In our rapidly evolving digital age, cybercriminals find new software vulnerabilities and attack vectors everyday. They’re also often willing to freely share their tools and techniques with other criminals so information spreads rapidly. This presents a major challenge for cybersecurity experts, who are constantly trying to keep pace with the rapidly growing volume and sophistication of attacks, and makes work like that of Unit 42 especially vital. Believing that threat intelligence should be accessible to all, Unit 42 disseminates their findings freely and globally so defenders everywhere can gain visibility into threats to better defend their businesses against them.

To highlight some of the most significant contributions Unit 42 has made to threat research, we’ve compiled them into the Unit 42 Greatest Hits Interactive. There, you can learn more about xCodeGhost and other threat intelligence research. From discoveries like KeyRaider, a computer malware that stole login credentials from more than 225,000 Apple devices, to OilRig, which became the first ever adversary playbook, Unit 42 has had a profound impact on threat intelligence and research in the cybersecurity landscape. 

Download our Unit 42 Greatest Hits Interactive to find:

  • Major cyberthreats and how they operate.
  • Tools and tactics Unit 42 uses to discover new threats.
  • Essential news and resources related to common cyberthreats.

Experts in hunting and collecting unknown threats, the Unit 42 team has been internationally recognized for key research on threats and campaigns and is frequently sought out by enterprises and government agencies around the world. They were even recently recognized by Microsoft with multiple awards for contributions to vulnerability research, including first place for the discovery of Zero Day vulnerabilities

To see an engaging digital exhibition of Unit 42’s discoveries and how they’re combating large-scale threats, check out the Unit 42 Greatest Hits Interactive.

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.