Sunday, 21 January 2024

Iranian Hackers Using New PowerShell Backdoor In Cyber Espionage Attacks

 


An advanced persistent threat group with links to Iran has updated its malware toolset to include a novel PowerShell-based implant called PowerLess Backdoor, according to new research published by Cybereason.

The Boston-headquartered cybersecurity company attributed the malware to a hacking group known as Charming Kitten (aka Phosphorus, APT35, or TA453), while also calling out the backdoor's evasive PowerShell execution.

"The PowerShell code runs in the context of a .NET application, thus not launching 'powershell.exe' which enables it to evade security products," Daniel Frank, senior malware researcher at Cybereason, said. "The toolset analyzed includes extremely modular, multi-staged malware that decrypts and deploys additional payloads in several stages for the sake of both stealth and efficacy."
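One way to hunt for the behaviour described above, PowerShell running inside another .NET process, is to look for the PowerShell engine assembly being loaded by a process that is not a normal PowerShell host. This is an added example, not code from Cybereason or the original article; it assumes Sysmon image-load logging (Event ID 7) is enabled, and every process name, path and event in it is constructed.

```python
import ntpath
import re

# System.Management.Automation is the PowerShell engine assembly; ".ni" is the
# precompiled native-image copy that .NET Framework processes commonly load.
ENGINE_DLL = re.compile(r"^system\.management\.automation(\.ni)?\.dll$", re.I)

# Expected hosts, trusted only when run from system locations (assumption:
# extend both with the management tools your environment legitimately uses).
KNOWN_HOSTS = {"powershell.exe", "powershell_ise.exe", "pwsh.exe"}
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\",
                "c:\\program files (x86)\\")

GAC = "C:\\Windows\\assembly\\"  # constructed, shortened load path
SMA = GAC + "System.Management.Automation.dll"

def event(pid, image, loaded, event_id=7):
    """Build a record using Sysmon Event ID 7 (ImageLoad) field names."""
    return {"EventID": event_id, "ProcessId": pid,
            "Image": image, "ImageLoaded": loaded}

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    event(4120, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", SMA),
    event(5312, r"C:\Users\Public\updater.exe", GAC + "System.Management.Automation.ni.dll"),
    event(5312, r"C:\Users\Public\updater.exe", GAC + "mscorlib.ni.dll"),
    event(880, r"C:\Windows\System32\svchost.exe", "", event_id=1),
    event(6001, r"C:\PROGRAMDATA\SVC\HELPER.EXE", SMA.upper()),
    event(7744, r"C:\Users\Public\powershell.exe", SMA),  # renamed host
]

def is_trusted_host(image):
    """True only for a known PowerShell host running from a system directory."""
    path = image.lower()
    return ntpath.basename(path) in KNOWN_HOSTS and path.startswith(TRUSTED_DIRS)

def find_hosted_powershell(events):
    """Return (ProcessId, Image) for engine loads by unexpected processes."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 7:
            continue  # only image-load events carry ImageLoaded
        loaded = ntpath.basename(ev.get("ImageLoaded", ""))
        if ENGINE_DLL.match(loaded) and not is_trusted_host(ev.get("Image", "")):
            hits.append((ev.get("ProcessId"), ev.get("Image")))
    return hits
```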

The threat actor, which has been active since at least 2017, has been behind a series of campaigns in recent years, including those wherein the adversary posed as journalists and scholars to deceive targets into installing malware and stealing classified information.


Earlier this month, Check Point Research disclosed details of an espionage operation that involved the hacking group exploiting the Log4Shell vulnerabilities to deploy a modular backdoor dubbed CharmPower for follow-on attacks.

The latest refinements to its arsenal, as spotted by Cybereason, constitute an entirely new toolset that encompasses the PowerLess Backdoor, which is capable of downloading and executing additional modules such as a browser info-stealer and a keylogger.

Also potentially linked to the same developer as the backdoor are a number of other malware artifacts, including an audio recorder, an earlier variant of the information stealer, and what the researchers suspect to be an unfinished ransomware variant coded in .NET.

Furthermore, infrastructure overlaps have been identified between the Phosphorus group and a new ransomware strain called Memento, which first emerged in November 2021 and took the unusual step of locking files within password-protected archives, followed by encrypting the password and deleting the original files, after their attempts to encrypt the files directly were blocked by endpoint protection.

"The activity of Phosphorus with regard to ProxyShell took place in about the same time frame as Memento," Frank said. "Iranian threat actors were also reported to be turning to ransomware during that period, which strengthens the hypothesis that Memento is operated by an Iranian threat actor."
