fbpx

ESET research into POLONIUM’s arsenal – Week in security with Tony Anscombe

More than a dozen organizations operating in various verticals were attacked by the threat actor

This week, ESET researchers published their analysis of previously undocumented backdoors and cyberespionage tools that the POLONIUM APT group has deployed against targets in Israel. The group has used at least seven different custom backdoors in the past year, and ESET has named five previously undocumented backdoors with the suffix “-Creep.”

More than a dozen organizations operating in various verticals – including engineering, information technology, law, communications, media, insurance, and social services – were attacked by the threat actor. POLONIUM’s custom tools can take screenshots, log keystrokes, spy via the webcam, exfiltrate files and perform other covert actions, all the while misusing popular cloud services such as Dropbox, OneDrive, and Mega for command and control communication.

Watch the video to learn more.

Source link

Editor