#ModularMalware

IRGC-Linked Hackers Package Modular Malware in Monolithic Trojan

by

August 20, 2024 at 05:06AM State-level Iranian APT TA453 (aka APT42) recently executed a phishing attack by disguising as the research director of ISW and engaging with an Israeli rabbi. They delivered a new monolithic PowerShell Trojan, “AnvilEcho,” bundling their previous espionage tools into a single script. This change aims to reduce malware download size … Read more

Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs

by

February 15, 2024 at 10:52AM The Russia-sponsored APT group Turla launched a cyberespionage campaign targeting Polish NGOs, using a new backdoor named “TinyTurla-NG” with modular capabilities. The backdoor allows execution of PowerShell and Windows Command Line Interface commands, and a new implant, TurlaPower-NG, for exfiltrating files. Turla also employs old tactics like compromised WordPress-based websites … Read more