Hackers use stealthy ShellClient malware on aerospace, telco firms

silversurfer

Threat researchers investigating malware used to target companies in the aerospace and telecommunications sectors discovered a new threat actor that has been running cyber espionage campaigns since at least 2018.

Dubbed ShellClient, the malware is a previously undocumented remote access trojan (RAT) built with a focus on being stealthy and for “highly targeted cyber espionage operations.”

Researchers attributed ShellClient to MalKamak, a previously undisclosed threat actor that used it for reconnaissance operations and for stealing sensitive data from targets in the Middle East, the U.S., Russia, and Europe.

In its investigation, Cybereason looked for details that would link ShellClient to a known adversary but concluded that the malware is operated by a new nation-state group they named MalKamak, which is likely connected to Iranian hackers, as indicated by code style overlap, naming conventions, and techniques.

“While some possible connections to known Iranian threat actors were observed, our conclusion is that MalKamak is a new and distinct activity group, with unique characteristics that distinguish it from the other known Iranian threat actors” - Cybereason
 
