Security News > 2023 > October > Hackers backdoor Russian state, industrial orgs for data theft
Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations.
Kaspersky first detected the campaign in June 2023, while in mid-August, the cybersecurity firm spotted a newer version of the backdoor that introduced better evasion, indicating ongoing optimization of the attacks.
To evade analysis, the malware performs username, system name, and directory checks to detect if it's running in a virtualized environment and exits if it does.
In mid-August, Kaspersky noticed a new variant of the backdoor that featured minor changes like the removal of some noisy preliminary checks and the addition of new file-stealing capabilities.
New 'MetaStealer' malware targets Intel-based macOS systems.
Russian Sandworm hackers breached 11 Ukrainian telcos since May. Women Political Leaders Summit targeted in RomCom malware phishing.
News URL
Related news
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- 100+ domains seized to stymie Russian Star Blizzard hackers (source)
- Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)