A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that compromises corporate networks and then sells that access to ransomware groups, according to security researchers.
This backdoor, also tracked as MLTBackdoor, was first documented by Zscaler earlier this month, with the security shop suggesting the novel malware is “likely used in ransomware attacks to establish a foothold for lateral movement.”

