"OceanLotus" Spies Use New Backdoor in Recent Attacks

Discussion in '0-day Release' started by silversurfer, Mar 14, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    OceanLotus, a cyber-espionage group believed to be operating out of Vietnam, has been using a new backdoor in recently observed attacks, but also using previously established tactics, ESET reveals.

    One of the latest malware families used by the group is a fully-fledged backdoor that provides operators with remote access to compromised machines, along with the ability to manipulate files, registries, and processes, as well as the option to load additional components if needed.

    For distribution purposes, OceanLotus uses a two-stage attack that employs a dropper to gain initial foothold on the targeted system and prepare the stage for the backdoor, ESET explains in a new report (PDF).

    Full Article: https://www.securityweek.com/oceanlotus-spies-use-new-backdoor-recent-attacks
     
    Der.Reisende and RGiskardR like this.
  2. Google Adsense

Share This Page