Security News > 2022 > November > New Windows malware also steals data from victims’ mobile phones
According to research from cybersecurity company ESET, the APT 37 threat group used the newly discovered malware against very specific entities.
The researchers say that the hackers delivered their commands to Dolphin by uploading them on Google Drive.
The malware has an extended set of capabilities that includes scanning local and removable drives for various types of data that is archived and delivered to Google Drive.
Its search capabilities extend to any phone connected to the compromised host by using the Windows Portable Device API. ESET notes that this functionality appeared to be under development in the first version of the malware they found.
ESET researchers caught four distinct versions for the Dolphin backdoor, the latest being 3.0 from January 2022.
According to the researchers, the malware was used in a watering-hole attack on a South Korean paper reporting on activity and events related to North Korea.
News URL
Related news
- PixPirate Android malware uses new tactic to hide on phones (source)
- Hackers abuse Windows SmartScreen flaw to drop DarkGate malware (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics (source)
- Detecting Windows-based Malware Through Better Visibility (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware (source)