Security News > 2023 > October > Hackers backdoor Russian state, industrial orgs for data theft
Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations.
Kaspersky first detected the campaign in June 2023, while in mid-August, the cybersecurity firm spotted a newer version of the backdoor that introduced better evasion, indicating ongoing optimization of the attacks.
To evade analysis, the malware performs username, system name, and directory checks to detect if it's running in a virtualized environment and exits if it does.
In mid-August, Kaspersky noticed a new variant of the backdoor that featured minor changes like the removal of some noisy preliminary checks and the addition of new file-stealing capabilities.
New 'MetaStealer' malware targets Intel-based macOS systems.
Russian Sandworm hackers breached 11 Ukrainian telcos since May. Women Political Leaders Summit targeted in RomCom malware phishing.
News URL
Related news
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- Salt Typhoon hackers backdoor telcos with new GhostSpider malware (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)