Cybersecurity researchers have discovered a new wave of cyber attacks by a China-based hacker group called “Sparkling Goblin.”

According to a new report published by cybersecurity firm FireEye, the Sparkling Goblin hackers have been using new malware called “LookBack” to attack several organisations in the United States and South Korea.

The Sparkling Goblin advanced persistent threat (APT) group has been active since at least 2012, targeting Middle Eastern and North African entities with watering hole attacks and spear-phishing campaigns.

In the new campaign, the hackers used custom-built malware called LookBack to gain initial access to victim networks. Once inside, the attackers use various tools and techniques to move laterally across the network and collect sensitive data.

Now, researchers have uncovered a new campaign attributed to the group that uses malicious Microsoft Word documents exploiting a recently patched flaw in the software to drop a backdoor payload onto the victim’s system.

The backdoor, which the researchers dubbed “FlawedAmmyy,” gives attackers remote access to and control over the compromised system. It can also upload and download additional files, execute commands, and take screenshots.

“This campaign is notable for its use of a new variant of FlawedAmmyy, a well-known remote access trojan (RAT) that has been used in previous attacks attributed to the Sparkling Goblin APT group,” the researchers said.

“The RAT allows an attacker to take full control of an infected system and perform various actions, such as stealing sensitive information, executing commands, and downloading and uploading files.”

The researchers believe the campaign is still active and advise organisations to patch their systems to prevent exploitation.

This latest campaign is just one example of how hackers use both new and old exploits to target businesses and individuals worldwide. It’s essential to stay up to date on the latest cybersecurity threats and take steps to protect your devices and data.