Jan 30, 2024NewsroomMalware / Cyber Espionage The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after … [Read more...] about China-Linked Hackers Target Myanmar’s Top Ministries with Backdoor Blitz
backdoor
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Jan 19, 2024NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. "Once … [Read more...] about Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor
Dec 11, 2023NewsroomThreat Intelligence / Cyber Attack Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that … [Read more...] about Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor
N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
Dec 08, 2023NewsroomCyber Espionage / Cryptocurrency The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems. "The threat actor ultimately uses a backdoor to steal information and execute commands," the AhnLab … [Read more...] about N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Dec 02, 2023Newsroom Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks … [Read more...] about Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
Oct 21, 2023NewsroomZero-Day / Vulnerability Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside … [Read more...] about Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
New Advanced Backdoor with Distinctive Malware Tactics
Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said … [Read more...] about New Advanced Backdoor with Distinctive Malware Tactics
ShroudedSnooper’s HTTPSnoop Backdoor Targets Middle East Telecom Companies
Sep 19, 2023THNMalware / Cyber Threat Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop. "HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests … [Read more...] about ShroudedSnooper’s HTTPSnoop Backdoor Targets Middle East Telecom Companies
Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
Jul 20, 2023THNCyber Attack / Malware The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of Ukraine (CERT-UA), attributed the attacks to … [Read more...] about Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor
Jun 21, 2023Ravie LakshmananCyber Threat / APT Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance … [Read more...] about Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor