silversurfer
Read more below:
A recently observed campaign from the Zebrocy APT operators relied on a revamped backdoor to maintain access to victim hosts and extract profiling information.
The backdoor comes with previously seen capabilities but the operators used a Golang-based version instead of the variant written in Delphi, which security researchers were familiar with.
Zebrocy is a toolkit of downloaders, droppers, and backdoors that is associated with the Russian-speaking advanced threat group Sednit; the hackers are also known by the names APT28, Fancy Bear, Sofacy, Group 74, and STRONTIUM and run cyber-espionage operations.
Zebrocy Infects Targets with New Golang-Based Backdoor via Dropbox
www.bleepingcomputer.com
No summer vacations for Zebrocy as Sednit expands its malware toolset
ESET researchers break down new components in the Zebrocy malware family that the Sednit group has deployed in a recent campaign.
www.welivesecurity.com