backdoor (2)

10477932254?profile=RESIZE_400xEspionage comes in many forms, for advanced persistent threat (APT) “UNC3524” as dubbed by security company Mandiant, the objective is to collect emails dealing with corporate development, mergers & acquisitions, and corporate transactions.  “UNC3524” was first discovered in December 2019 and has been tracked since then.  The group’s corporate targets and interest in M&A plans point to financial motivation, however, the group’s ability to linger in a target environment while collecting emails, s

‘Hired Gun’ Hackers and the PowerPepper Backdoor

8262752287?profile=RESIZE_400xKaspersky Labs announced a new find regarding a new backdoor loaded into Windows RAM, developed by Hackers for Hire (HfH).  The backdoor is capable of remotely executing malicious code and stealing confidential information.

The malware is called PowerPepper and is linked to the DeathStalker (DS) cybercriminal group (previously called the Deceptikons).  DS members of this group have been targeting law firms and financial institutions in Europe and