Security News > 2022 > December > Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant

Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe.

The attacks targeting law firms throughout 2020 and 2021 involved a revamped variant of a malware called Janicab that leverages a number of public services like YouTube as dead drop resolvers, Kaspersky said in a technical report published this week.

Janicab infections comprise a diverse set of victims located in Egypt, Georgia, Saudi Arabia, the UAE, and the U.K. The development marks the first time legal organizations in Saudi Arabia have been targeted by this group.

"Their interest in gathering sensitive business information leads us to believe that DeathStalker is a group of mercenaries offering hacking-for-hire services, or acting as some sort of information broker in financial circles," the Russian cybersecurity company noted in August 2020.

The findings underscore that the threat actor has continued to update its malware toolset to maintain stealthiness over extended periods of time.

As legal and financial sectors are a common target for the threat actor, the researchers further theorized that DeathStalker's customers and operators could be weaponizing the intrusions to keep tabs on lawsuits, blackmail high-profile individuals, track financial assets, and harvest business intelligence about potential mergers and acquisitions.

News URL

https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html