Digitally Signed Bandook Malware Once Again Targets Multiple Sectors

Correlate

Level 16
Thread author
Verified
Top poster
Well-known
May 4, 2019
751
A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan.

Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy "dozens of digitally signed variants" of the Bandook Windows Trojan over the past year, thus once again "reigniting interest in this old malware family."

The different verticals singled out by the threat actor include government, financial, energy, food industry, healthcare, education, IT, and legal institutions located in Chile, Cyprus, Germany, Indonesia, Italy, Singapore, Switzerland, Turkey, and the US.
Digitally Signed Bandook Malware Once Again Targets Multiple Sectors (thehackernews.com)
 

silversurfer

Level 85
Verified
Honorary Member
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
7,788
1606486955727.png