Digitally Signed Bandook Trojan Reemerges in Global Spy Campaign

2020-11-30 19:39

A wave of targeted cyberattack campaigns bent on espionage is cresting around the globe, using a strain of a 13-year old backdoor trojan named Bandook.

According to Check Point Research, Bandook was last spotted being used in 2015 and 2017/2018, in the "Operation Manul" and "Dark Caracal" campaigns, respectively.

According to the firm, dozens of digitally signed variants of this commodity malware are popping up in an unusually large variety of sectors and locations.

In addition to the recent Bandook samples, Check Point also identified additional samples from 2019 to 2020 that were not digitally signed and contained about 120 commands.

"Several factors led us to believe that these signed and unsigned variants are specially crafted Bandook variants, used and developed by the same entity," according to the report.

News URL

https://threatpost.com/digitally-signed-bandook-trojan-spy-campaign/161676/

#SPY #trojan