This dangerous APT has expanded its skills with some new tools - here's what we know

  • Mustang Panda expanded its CoolClient backdoor with a brand-new rootkit and broader capabilities.
  • The updated malware is used against governments in Asia and Russia, with presence on Russian government devices.
  • New features include clipboard monitoring and HTTP proxy credential sniffing for stealthier data theft.
  • The backdoor now offers a remote shell plugin and a more capable file management plugin.
  • Kaspersky observed the updated CoolClient version in attacks against government entities in Asia, including Myanmar, Mongolia, Malaysia, and Pakistan, and on Russian devices.
  • CoolClient evolved from logging keystrokes to encompassing clipboard data and stealthy exfiltration using legitimate cloud services.
  • The campaign continues to align with Chinese national interests, focusing on cyber-espionage and data theft.
  • The updated toolkit includes an expanded plugin ecosystem and a remote-shell plugin for interactive command execution.
  • TechRadar notes the evolution of CoolClient as part of a broader set of tools used for espionage and data theft.