By Ionut Arghire on November 09, 2018 A malicious group known as the “Inception” attackers has been using a year-old Office exploit and a new backdoor in recent attacks, Palo Alto Networks security researchers warn.
Active since at least 2014, the group has used custom malware and against targets spanning various industries worldwide, with a special interest in Russia.
In October 2018, the threat actor was observed hitting various European targets in attacks employing an exploit for a vulnerability (CVE-2017-11882) that Microsoft patched in November 2017. Furthermore, the hackers were using a new PowerShell backdoor dubbed POWERSHOWER, which revealed high attention to detail in terms of cleaning up after infection.
Full Article.
"Inception Attackers" Combine Old Exploit and New Backdoor
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.