Daily Perk 2/11/2021

TrickBot Update: per Bleeping Computer.

TrickBot has levelled up again, this time making its well-equipped BazarBackdoor malware even more evasive by writing the backdoor component in the Nim programming language. As conventional AV won’t be looking for this more obscure language just yet, don’t let it slip on in.

Military, Nuclear Entities Under Target by Novel Android Malware per Threatpost

More surveillance malware targeting Android users, the vast majority of mobile users. This malware can severely compromise a user’s safety by accessing SMS messages and encrypted messages from WhatsApp (widely used) as well as geolocation. People everywhere rely on encrypted messaging services and the ability to shield their location for personal protection. Attackers learn from each other and copy what works. Lessons in here to extrapolate and apply more broadly.

Impressive work by Lookout security researchers linking the surveillanceware to APT group Confucius in their latest report.
