Hackers backdoor Russian state, industrial orgs for data theft
Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations.
Kaspersky first detected the campaign in June 2023, while in mid-August, the cybersecurity firm spotted a newer version of the backdoor that introduced better evasion, indicating ongoing optimization of the attacks.
To evade analysis, the malware performs username, system name, and directory checks to detect whether it is running in a virtualized environment, and exits if it is.
In mid-August, Kaspersky noticed a new variant of the backdoor that featured minor changes like the removal of some noisy preliminary checks and the addition of new file-stealing capabilities.