Security News > 2023 > September > ‘Sandman’ hackers backdoor telcos with new LuaDream malware

‘Sandman’ hackers backdoor telcos with new LuaDream malware
2023-09-21 19:50

A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.

SandMan has been seen deploying a new modular malware named 'LuaDream' in attacks using DLL hijacking on targeted systems.

Upon initialization, LuaDream connects to a C2 server and sends gathered information, including malware versions, IP/MAC addresses, OS details, etc.

While some of Sandman's custom malware and part of its C2 server infrastructure have been exposed, the threat actor's origin remains unanswered.

New SprySOCKS Linux malware used in cyber espionage attacks.

Hackers backdoor telecom providers with new HTTPSnoop malware.


News URL

https://www.bleepingcomputer.com/news/security/sandman-hackers-backdoor-telcos-with-new-luadream-malware/