Hackers always amaze me.
Their ability to adapt and innovate is unbelievable.
From the article:
Once APT29 has access to a target network and deems it worthy, it deploys Hammertoss, which communicates through URLs seeded in social media accounts—Twitter in particular—and makes use of steganography in images stored on GitHub or compromised websites to retrieve encrypted instructions.
“It’s unique in its ability to lay low, and thwart defenses.”
“When you look at the flow, from Twitter to GitHub to cloud storage, from a defender’s perspective, that’s not going to look malicious,” said Jordan Berry, threat intelligence analyst at FireEye.
“In this case, there’s no compromised infrastructure to look for and block because they created their own workaround.”
For more info:
https://threatpost.com/new-hammertoss-espionage-tool-tied-to-miniduke-gang/113996