A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that compromises corporate networks and then sells that access to ransomware groups, according to security researchers.
This backdoor, also tracked as MLTBackdoor, was first documented by Zscaler earlier this month, with the security shop suggesting the novel malware is “likely used in ransomware attacks to establish a foothold for lateral movement.”
Read more…
Source:
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Windows App Runs on Mac, Downloads Info Stealer and Adware
February 11, 2019
EXE is the official executable file format used for Windows to signify that they only run on Windows platforms, and to serve as a security feature. By default, attempting to run an EXE file on a Mac or Linux OS will only show an error notification. However, we found EXE files in the wild delivering a ...
- Banks Under Attack: Tactics and Techniques Used to Target Financial Organizations
February 8, 2019
US$100 – 300 billion: That’s the estimated losses that financial institutions can potentially incur annually from cyberattacks. Despite the staggering amount, it’s unsurprising — over the past three years, several banks suffered $87 million in combined losses from attacks that compromised their SWIFT (Society for Worldwide Interbank Financial Telecommunication)infrastructures. That’s just the tip of the iceberg: A ...
- New macOS zero-day allows theft of user passwords
February 6, 2019
A German security researcher has published a video over the weekend showing a new zero-day affecting Apple’s macOS desktop operating system. In an interview to German tech site Heise, Linus Henze, the security researcher, says the vulnerability allows a malicious app running on a macOS system to get access to passwords stored inside the Keychain –the password management ...
- Android Phones Can Get Hacked Just by Looking at a PNG Image
February 6, 2019
Using an Android device? Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps. Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google’s mobile ...
- Pro-Tibet groups targeted with ExileRAT in spy campaign
February 5, 2019
Researchers have uncovered a new cyberespionage campaign which is targeting pro-Tibetan individuals in order to distribute the ExileRAT Trojan. On Monday, researchers from Cisco Talos said that the new campaign delivers a malicious Microsoft PowerPoint document containing the Remote Access Trojan (RAT) which is capable of stealing system and personal information, terminating or launching processes, surveillance and the ...
- The APT Name Game: How Grim Threat Actors Get Goofy Monikers
February 5, 2019
What’s in a name? When it comes to advanced persistent threat groups, it is often quite a bit. While their monikers’ may seem whimsical – Fancy Bear, Nomadic Octopus, Ocean Lotus and Darkhotel – the reality is these are not arbitrary names. In fact, many are similar to schoolyard nicknames or a type of shorthand – ...