New Windows malware also steals data from victims’ mobile phones (Security News, November 2022)
According to research from cybersecurity company ESET, the APT 37 threat group used the newly discovered malware, a backdoor named Dolphin, against very specific entities.
The researchers say that the hackers delivered their commands to Dolphin by uploading them to Google Drive.
The malware has an extended set of capabilities that includes scanning local and removable drives for various types of data, which it archives and delivers to Google Drive.
Using the Windows Portable Device API, its search capabilities also extend to any phone connected to the compromised host. ESET notes that this functionality appeared to be under development in the first version of the malware they found.
ESET researchers caught four distinct versions of the Dolphin backdoor, the latest being 3.0 from January 2022.
According to the researchers, the malware was used in a watering-hole attack on a South Korean paper reporting on activity and events related to North Korea.