DeathStalker APT Spices Things Up with PowerPepper Malware

2020-12-03 17:20

The DeathStalker advanced persistent threat group has a hot new weapon: A highly stealthy backdoor that researchers have dubbed PowerPepper, used to spy on targeted systems.

PowerPepper was cultivated to execute remote shell commands sent by DeathStalker operators, which are aimed at stealing sensitive business information.

PowerPepper is typically spread via spearphishing emails with the malicious files delivered via the email body or within a malicious link, as is typical for DeathStalker.

"PowerPepper once again proves that DeathStalker is a creative threat actor: one capable of consistently developing new implants and toolchains in a short period of time," said Pierre Delcher, security expert at Kaspersky, in a statement.

"PowerPepper is already the fourth malware strain affiliated with the actor, and we have discovered a potential fifth strain. Even though they are not particularly sophisticated, DeathStalker's malware has proven to be quite effective."

News URL

https://threatpost.com/deathstalker-apt-powerpepper-malware/161867/

#APT #malware