APT Group’s Worldwide Targeting of Small and Medium Businesses Revealed


Level 85
Thread author
Honorary Member
Top Poster
Content Creator
Malware Hunter
Aug 17, 2014
A detailed analysis of the APT group DeathStalker has been published today by Kaspersky, highlighting the scale of its operations throughout the world, from Europe to Latin America.

The hacker-for-hire organization is known to have been active since at least 2012, primarily focusing on small and medium firms in the financial sector through commercial cyber-espionage campaigns.

Kaspersky said the research demonstrates that small and medium sized companies, as well as larger businesses and government organizations, must be prepared to deal with the threats posed by APT actors such as DeathStalker.

Through tracking the group from 2018, Kaspersky has been able to link its activities to the three malware families Powersing, Evilnum and Janicub, with “medium confidence.”

DeathStalker’s main method of attack is to deliver archives containing malicious files through tailored spear-phishing emails. A malicious script is executed and further components are downloaded from the internet when a user clicks the shortcut, which gives the attackers control of the victim’s machine.
Full report below by Kaspersky:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.