Security News > 2023 > April > Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks
The prolific Iranian nation-state group known as Charming Kitten targeted multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools.
Discovered by Bitdefender Labs, BellaCiao is a "Personalized dropper" that's capable of delivering other malware payloads onto a victim machine based on commands received from an actor-controlled server.
The development comes as the threat actor was attributed by Microsoft to retaliatory attacks aimed at critical infrastructure entities in the U.S. between late 2021 to mid-2022 using bespoke malware such as harmPower, Drokbk, and Soldier.
"The resolved IP address is like the real public IP address, but with slight modifications that allow BellaCiao to receive further instructions," Zugec explained.
"The best protection against modern attacks involves implementing a defense-in-depth architecture," Zugec concluded.
"The first step in this process is to reduce the attack surface, which involves limiting the number of entry points that attackers can use to gain access to your systems and prompt patching of newly discovered vulnerabilities."
News URL
https://thehackernews.com/2023/04/charming-kittens-new-bellaciao-malware.html
Related news
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- Finland warns of Android malware attacks breaching bank accounts (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure (source)
- Malware botnet bricked 600,000 routers in mysterious 2023 attack (source)
- DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks (source)
- More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack (source)
- Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks (source)