A politically motivated hacker group tied to a series of espionage and sabotage attacks on Israeli entities in 2021 incorporated a previously undocumented remote access trojan (RAT) that masquerades as the Windows Calculator app as part of a conscious effort to stay under the radar.
Cybersecurity company Cybereason, which has been tracking the operations of the Iranian actor known as Moses Staff, dubbed the malware "StrifeWater."
"The StrifeWater RAT appears to be used in the initial stage of the attack and this stealthy RAT has the ability to remove itself from the system to cover the Iranian group's tracks," Tom Fakterman, Cybereason security analyst, said in a report. "The RAT possesses other capabilities, such as command execution and screen capturing, as well as the ability to download additional extensions."
Moses Staff came to light towards the end of last year when Check Point Research unmasked a series of attacks aimed at Israeli organizations since September 2021 with the objective of disrupting the targets' business operations by encrypting their networks, with no option to regain access or negotiate a ransom.
The intrusions were notable for the fact that they relied on the open-source library DiskCryptor to perform volume encryption, in addition to infecting the systems with a bootloader that prevents them from starting without the correct encryption key.
To date, victims have been reported beyond Israel, including in Italy, India, Germany, Chile, Turkey, the U.A.E., and the U.S.
The new piece of the attack puzzle discovered by Cybereason comes in the form of a RAT that's deployed under the name "calc.exe" (the Windows Calculator binary) and is used during the early stages of the infection chain, only to be removed prior to the deployment of the file-encrypting malware.
The researchers suspect that removing the malicious calculator executable and replacing it with the legitimate binary is an attempt by the threat actor to cover its tracks and erase evidence of the trojan, and to evade detection until the final phase of the attack, when the ransomware payload is executed.
StrifeWater, for its part, is no different from its counterparts and comes with numerous features, chief among them being the ability to list system files, execute system commands, take screen captures, create persistence, and download updates and auxiliary modules.
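For defenders, the masquerade and the command-execution capability described above suggest a simple triage over process-creation telemetry. The following is an added example, not code from Cybereason's report or this article; the events, the placeholder hashes and the flat `SHA256` field are constructed assumptions, while `Image`, `ParentImage` and `OriginalFileName` follow Sysmon Event ID 1 naming.

```python
from pathlib import PureWindowsPath

# Constructed placeholder, not a real hash: the SHA-256 of the calc.exe
# shipped with your own Windows build belongs here.
BASELINE_SHA256 = {"KNOWN_GOOD_CALC_SHA256"}
SHELLS = {"cmd.exe", "powershell.exe"}

# Constructed process-creation events. Image, ParentImage and OriginalFileName
# follow Sysmon Event ID 1 naming; the flat SHA256 field is an assumed enrichment.
EVENTS = [
    {"Image": r"C:\Windows\System32\calc.exe", "OriginalFileName": "CALC.EXE",
     "SHA256": "KNOWN_GOOD_CALC_SHA256", "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Windows\System32\calc.exe", "OriginalFileName": "",
     "SHA256": "UNRECOGNISED_SHA256", "ParentImage": r"C:\Windows\System32\services.exe"},
    {"Image": r"C:\Windows\System32\cmd.exe", "OriginalFileName": "Cmd.Exe",
     "SHA256": "CMD_SHA256", "ParentImage": r"C:\Windows\System32\calc.exe"},
]

def name_of(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return PureWindowsPath(path).name.lower()

def triage(events, baseline=BASELINE_SHA256):
    """Return (event index, reason) pairs for suspicious calc.exe activity."""
    findings = []
    for i, ev in enumerate(events):
        image = name_of(ev["Image"])
        if image == "calc.exe":
            # The file name is chosen by whoever drops the file; the version
            # resource and the hash describe the content actually executed.
            if ev.get("OriginalFileName", "").lower() != "calc.exe":
                findings.append((i, "OriginalFileName does not match calc.exe"))
            if ev.get("SHA256") not in baseline:
                findings.append((i, "calc.exe hash not in known-good baseline"))
        # A calculator has no reason to start a command interpreter.
        if name_of(ev.get("ParentImage", "")) == "calc.exe" and image in SHELLS:
            findings.append((i, "command shell spawned by calc.exe"))
    return findings

if __name__ == "__main__":
    for index, reason in triage(EVENTS):
        print(f"event {index}: {reason}")
```

Because the malicious file is later swapped for the legitimate binary, a hash check of the file on disk after the fact would pass; retained process-creation logs are where the mismatch remains visible.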
"The end goal for Moses Staff appears to be more politically motivated rather than financial," Fakterman concluded. "Moses Staff employs ransomware post-exfiltration not for financial gain, but to disrupt operations, obfuscate espionage activity, and to inflict damage to systems to advance Iran's geopolitical goals."