IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia


Day after day, threat actors create new malware to use in cyberattacks. Each of these new implants is developed in its own way, and as a result gets its own destiny – while the use of some malware families is reported for decades, information about others disappears after days, months or several years.

Kaspersky researchers observed the latter situation with an implant that we dubbed MysterySnail RAT. The researchers discovered it back in 2021, when they were investigating the CVE-2021-40449 zero-day vulnerability. At that time, Kaspersky identified this backdoor as related to the IronHusky APT, a Chinese-speaking threat actor operating since at least 2017. Since they published a blogpost on this implant, there have been no public reports about it, and its whereabouts have remained unknown.

Read more…
Source: kaspersky


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...