Hackers backdoor telecom providers with new HTTPSnoop malware
Security News, September 2023
New malware families named HTTPSnoop and PipeSnoop are being used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices.
The HTTPSnoop malware interfaces with Windows HTTP kernel drivers and devices to execute content on the infected endpoint based on specific HTTP(S) URLs, while PipeSnoop accepts and executes arbitrary shellcode from a named pipe.
HTTPSnoop uses low-level Windows APIs to monitor HTTP(S) traffic on an infected device for specific URLs.
- Iranian hackers backdoor 34 orgs with new Sponsor malware
- ‘Sandman’ hackers backdoor telcos with new LuaDream malware
- Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
- Hackers use new malware to breach air-gapped devices in Eastern Europe
- Hackers can abuse Microsoft Office executables to download malware
- Hackers use VPN provider's code certificate to sign malware
- GRU hackers attack Ukrainian military with new Android malware
- ShroudedSnooper's HTTPSnoop Backdoor Targets Middle East Telecom Companies
- Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack
- Telecom firms hit with novel backdoors disguised as security software