Hacker-for-hire group develops new stealthy Windows backdoor
Security News, December 2020

Kaspersky researchers discovered previously undocumented Windows PowerShell malware, dubbed PowerPepper, developed by the hacker-for-hire group DeathStalker.
The new PowerPepper implant was discovered by Kaspersky in May 2020 while researching other attacks using the group's other PowerShell-based implant known as Powersing.
Since its discovery, PowerPepper has been under constant development with new versions being deployed and its delivery chains being adapted to new targets.
This new malware is an in-memory Windows PowerShell-based backdoor that allows its operators to execute shell commands delivered remotely via a command-and-control server.
Using Windows Compiled HTML Help files as archives for malicious files.