Hacking group’s new malware abuses Google and Facebook services
In recent spear-phishing campaigns, the Molerats cyberespionage group has been using fresh malware that relies on Dropbox, Google Drive, and Facebook for command-and-control communication and to store stolen data.
Designed for cyberespionage, the malware attempts to avoid detection and takedown efforts by using Dropbox and Facebook services to steal data and receive instructions from the operators.
MoleNet, the third malware that Cybereason discovered, can run WMI commands to profile the operating system, check for debuggers, restart the machine from the command line, upload details about the OS, fetch new payloads, and create persistence.
Even if it skimps on resources by using free services for its operations, Molerats shows that it can create new malware for stealthy operations.
Cybereason provides comprehensive details about the new tools leveraged by Molerats in recent campaigns, covering the attack chain, infrastructure, and connections with other malware that the threat group used in the past.