“DeathStalker” hackers are (seemingly) older and extra prolific than we thought

Stock photo of a hooded figure hiding behind computer code.

Enlarge (credit score: Getty Photos)

In 2018, researchers from safety agency Kaspersky Lab started monitoring “DeathStalker,” their title for a hacker-for-hire group that was using easy however efficient malware to do espionage on regulation companies and corporations within the monetary trade. Now, the researchers have linked the group to 2 different items of malware together with one which dates again to not less than 2012.

DeathStalker got here to Kaspersky’s consideration for its use of malware {that a} fellow researcher dubbed “Powersing”. The malware acquired its title for a 900-line PowerShell script that attackers went to nice lengths to obfuscate from antivirus software program.

Assaults began with spear-phishing emails with attachments that gave the impression to be paperwork however—by means of a sleight of hand involving LNK information—had been really malicious scripts. To maintain targets from getting suspicious, Powersing displayed a decoy doc as quickly as targets clicked on the attachment.

Learn 9 remaining paragraphs | Feedback

Leave a Reply

Your email address will not be published. Required fields are marked *