Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or … [Read more...] about Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
covert
ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC
Jun 16, 2023Ravie LakshmananEndpoint Security / Network Security The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling. ChamelGang … [Read more...] about ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC
Chinese Experts Uncover Details of Equation Group’s Bvp47 Covert Hacking Tool
Researchers from China's Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA). Dubbed "Bvp47" owing to numerous references to the string "Bvp" and the numerical value "0x47" used in the … [Read more...] about Chinese Experts Uncover Details of Equation Group’s Bvp47 Covert Hacking Tool