Security News > 2023 > September > Budworm hackers target telcos and govt orgs with custom malware
A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor.
The SysUpdate malware is a remote access trojan associated with Budworm since 2020, supporting Windows service, process, and file management, command execution, data retrieval, and screenshot capturing.
Over the past month, researchers have reported on other hacking groups breaching telecom companies to install custom malware named HTTPSnoop and LuaDream, with both malware infections providing backdoor access to the networks.
'Sandman' hackers backdoor telcos with new LuaDream malware.
Evasive Gelsemium hackers spotted in attack against Asian govt.
New stealthy and modular Deadglyph malware used in govt attacks.
News URL
Related news
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)