Budworm hackers target telcos and govt orgs with custom malware
A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor.
The SysUpdate malware is a remote access trojan associated with Budworm since 2020, supporting Windows service, process, and file management, command execution, data retrieval, and screenshot capturing.
Over the past month, researchers have reported on other hacking groups breaching telecom companies to install custom malware named HTTPSnoop and LuaDream, with both malware infections providing backdoor access to the networks.