The Latest in IT Security

Three New Malware Strains Linked to SolarWinds Hackers

05 Mar 2021

Microsoft has started tracking the threat actor behind the SolarWinds attack as NOBELIUM. The company has identified three new pieces of malware that it believes the group uses after it has compromised a targeted organization’s network. The malware, named GoldMax, GoldFinder and Sibot, has been used to maintain persistence and for other “very specific” actions.

GoldMax, malware written in Go and designed to act as a command-and-control (C&C) backdoor, persists by creating a scheduled task that impersonates system management software. It allows its operators to download and execute files on the compromised device, upload files to the C&C server, execute OS commands, spawn a command shell, and update the malware’s configuration data.
