Security News > 2023 > September > Hackers backdoor telecom providers with new HTTPSnoop malware
2023-09-19 15:14
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices.
The HTTPSnoop malware interfaces with Windows HTTP kernel drivers and devices to execute content on the infected endpoint based on specific HTTP(S) URLs, and the PipeSnoop accepts and executes arbitrary shellcode from a named pipe.
HTTPSnoop uses low-level Windows APIs to monitor HTTP(S) traffic on an infected device for specific URLs.
Iranian hackers backdoor 34 orgs with new Sponsor malware.
New malware infects business routers for data theft, surveillance.
CISA: New Submarine malware found on hacked Barracuda ESG appliances.
News URL
Related news
- Iranian hackers pose as journalists to push backdoor malware (source)
- Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties (source)
- Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite (source)
- Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware (source)
- China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations (source)
- Vietnam-Based Hackers Steal Financial Data Across Asia with Malware (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks (source)
- Hackers Target Middle East Governments with Evasive "CR4T" Backdoor (source)
- Hackers hijack antivirus updates to drop GuptiMiner malware (source)