Security News > 2022 > November > New Windows malware also steals data from victims’ mobile phones
According to research from cybersecurity company ESET, the APT 37 threat group used the newly discovered malware against very specific entities.
The researchers say that the hackers delivered their commands to Dolphin by uploading them on Google Drive.
The malware has an extended set of capabilities that includes scanning local and removable drives for various types of data that is archived and delivered to Google Drive.
Its search capabilities extend to any phone connected to the compromised host by using the Windows Portable Device API. ESET notes that this functionality appeared to be under development in the first version of the malware they found.
ESET researchers caught four distinct versions for the Dolphin backdoor, the latest being 3.0 from January 2022.
According to the researchers, the malware was used in a watering-hole attack on a South Korean paper reporting on activity and events related to North Korea.
News URL
Related news
- Steam pulls game demo infecting Windows with info-stealing malware (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)