Saturday, June 3, 2023

Iranian Hackers Using New PowerShell Backdoor In Cyber Espionage Attacks

 


An advanced persistent threat group with links to Iran has updated its malware toolset to include a novel PowerShell-based implant called PowerLess Backdoor, according to new research published by Cybereason.

The Boston-headquartered cybersecurity company attributed the malware to a hacking group known as Charming Kitten (aka Phosphorus, APT35, or TA453), while also calling out the backdoor's evasive PowerShell execution.

"The PowerShell code runs in the context of a .NET application, thus not launching 'powershell.exe' which enables it to evade security products," Daniel Frank, senior malware researcher at Cybereason, said. "The toolset analyzed includes extremely modular, multi-staged malware that decrypts and deploys additional payloads in several stages for the sake of both stealth and efficacy."

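One way to hunt for the behaviour described in the quote above, as an added example that is not from Cybereason or the original article: flag any process outside an allowlist that loads the PowerShell engine assembly, based on image-load telemetry. The event shape follows Sysmon Event ID 7; the sample events, the allowlist contents and the function name are constructed assumptions.

```python
import ntpath

# File names of the PowerShell engine assembly (managed DLL and its native image).
ENGINE_DLLS = {"system.management.automation.dll",
               "system.management.automation.ni.dll"}

# Assumption: full paths of hosts expected to load the engine; tune per environment.
EXPECTED_HOSTS = {
    r"c:\windows\system32\windowspowershell\v1.0\powershell.exe",
    r"c:\windows\syswow64\windowspowershell\v1.0\powershell.exe",
    r"c:\windows\system32\windowspowershell\v1.0\powershell_ise.exe",
    r"c:\program files\powershell\7\pwsh.exe",
}

GAC = r"C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation"
# Constructed events shaped like Sysmon Event ID 7 (ImageLoad); not real telemetry.
SAMPLE_EVENTS = [
    {"EventID": 7, "ProcessId": 4120,
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ImageLoaded": GAC + r"\System.Management.Automation.dll"},
    {"EventID": 7, "ProcessId": 5288, "Image": r"C:\Users\Public\updater.exe",
     "ImageLoaded": GAC + r"\System.Management.Automation.dll"},
    {"EventID": 7, "ProcessId": 5288, "Image": r"C:\Users\Public\updater.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 7, "ProcessId": 7340, "Image": r"C:\Users\Public\powershell.exe",
     "ImageLoaded": GAC + r"\System.Management.Automation.ni.dll"},
    {"EventID": 1, "ProcessId": 6001, "Image": r"C:\Windows\System32\notepad.exe"},
]

def find_unexpected_hosts(events, expected_hosts=EXPECTED_HOSTS):
    """Return one finding per process that loaded the engine outside the allowlist."""
    findings = {}
    for ev in events:
        if ev.get("EventID") != 7:
            continue  # only image-load events are relevant
        dll = ntpath.basename(ev.get("ImageLoaded", "")).lower()
        host = ev.get("Image", "")
        # Compare the full path so a look-alike name in another directory is still flagged.
        if dll not in ENGINE_DLLS or host.lower() in expected_hosts:
            continue
        key = (ev.get("ProcessId"), host.lower())
        entry = findings.setdefault(key, {"ProcessId": key[0], "Image": host, "Loaded": set()})
        entry["Loaded"].add(dll)
    return list(findings.values())

if __name__ == "__main__":
    for f in find_unexpected_hosts(SAMPLE_EVENTS):
        print(f["ProcessId"], f["Image"], sorted(f["Loaded"]))
```

Legitimate administration tools also host the PowerShell engine, so the allowlist has to be baselined against the environment before the findings are treated as alerts.
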
The threat actor, which has been active since at least 2017, has been behind a series of campaigns in recent years, including those wherein the adversary posed as journalists and scholars to deceive targets into installing malware and stealing classified information.


Earlier this month, Check Point Research disclosed details of an espionage operation that involved the hacking group exploiting the Log4Shell vulnerabilities to deploy a modular backdoor dubbed CharmPower for follow-on attacks.

The latest refinements to its arsenal, as spotted by Cybereason, constitute an entirely new toolset that encompasses the PowerLess Backdoor, which is capable of downloading and executing additional modules such as a browser info-stealer and a keylogger.

Also potentially linked to the same developer of the backdoor are a number of other malware artifacts, including an audio recorder, an earlier variant of the information stealer, and what the researchers suspect to be an unfinished ransomware variant coded in .NET.

Furthermore, infrastructure overlaps have been identified between the Phosphorus group and a new ransomware strain called Memento, which first emerged in November 2021 and took the unusual step of locking files within password-protected archives, followed by encrypting the password and deleting the original files, after their attempts to encrypt the files directly were blocked by endpoint protection.

"The activity of Phosphorus with regard to ProxyShell took place in about the same time frame as Memento," Frank said. "Iranian threat actors were also reported to be turning to ransomware during that period, which strengthens the hypothesis that Memento is operated by an Iranian threat actor."
