Security News > 2023 > September > ‘Sandman’ hackers backdoor telcos with new LuaDream malware
A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.
SandMan has been seen deploying a new modular malware named 'LuaDream' in attacks using DLL hijacking on targeted systems.
Upon initialization, LuaDream connects to a C2 server and sends gathered information, including malware versions, IP/MAC addresses, OS details, etc.
While some of Sandman's custom malware and part of its C2 server infrastructure have been exposed, the threat actor's origin remains unanswered.
New SprySOCKS Linux malware used in cyber espionage attacks.
Hackers backdoor telecom providers with new HTTPSnoop malware.
News URL
Related news
- Chinese hackers use new data theft malware in govt attacks (source)
- North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware (source)
- North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)
- Hackers deploy AI-written malware in targeted attacks (source)
- N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks (source)
- FIN7 hackers launch deepfake nude “generator” sites to spread malware (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware (source)