Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
"MuddyWater" Cyberspies Update PowerShell Backdoor
#1
Quote:The cyber-espionage group known as MuddyWater has used an updated multi-stage PowerShell backdoor in recent campaigns, Trend Micro’s security researchers report.
 
First detailed in 2017, the threat actor has been highly active during the last several months of 2018, when it reportedly hit over 130 victims in 30 organizations. 
 
Over the past couple of years, the threat actor was observed expanding its target list and numerous attacks were linked to it, as well as malware found to resemble the actor’s usual set of backdoors. 
 
Following Kaspersky’s recent analysis of MuddyWater post-infection tools, Trend Micro now says that the cyber-spies have updated their PowerStats backdoor, and that the new variant has already been observed in a spear-phishing campaign targeting a university in Jordan and the Turkish government. 
 
Leveraging compromised legitimate accounts to trick victims into installing malware, the emails contained a document embedded with a malicious macro to drop a VBE file that holds a block of data containing an obfuscated PowerShell script.

SOURCE: https://www.securityweek.com/muddywater-...l-backdoor
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>