July 29, 2015
The espionage gang behind the MiniDuke backdoor uncovered by Kaspersky Lab and CrySys Lab in 2013 has surfaced again with a new backdoor and attack platform that is used sparingly against only high-value targets.
The new data theft tool, called Hammertoss, is a study not only in espionage capabilities, but also stealth and targeting. It’s been found so far only on one organization’s network, and has been linked to a Russian group dubbed APT29 by researchers at FireEye.