
Cybersecurity researchers from Symantec have discovered a brand new dropper that lurks for months before deploying backdoors, malware, and other malicious tools.
In a blog post, the company outlined the dropper, known as Geppei, which is apparently being used by Cranefly, a threat actor that was first described by Mandiant in May 2022.
Now, Symantec claims Cranefly is using Geppei to drop, among other things, the Danfuan malware – a brand new variant that’s yet to be thoroughly analyzed.