Security News > 2023 > December > Hackers use new Agent Raccoon malware to backdoor US targets
A novel malware named 'Agent Raccoon' is being used in cyberattacks against organizations in the United States, the Middle East, and Africa.
Agent Raccoon is a.NET malware disguised as a Google Update or Microsoft OneDrive Updater that leverages the DNS protocol to establish a covert communication channel with the attackers' C2 infrastructure.
Unit 42 notes that while the malware itself lacks a persistence mechanism, their observations suggest that it is executed by scheduled tasks.
The analysts also note that they have captured different samples of Agent Raccoon with slight code variations and optimizations in its settings, indicating that the malware's authors are actively developing and adapting it to specific operational requirements.
ToddyCat hackers use 'disposable' malware to target Asian telecoms.
BlueNoroff hackers backdoor Macs with new ObjCShellz malware.
News URL
Related news
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)