A state-sponsored cyber espionage group is targeting telecommunications and aerospace companies through a sophisticated social engineering campaign on professional networking sites. Posing as recruiters, the attackers lure employees with fake job opportunities to build trust before deploying a modular backdoor. This malware uses advanced evasion techniques, including victim-specific customization and DLL side-loading, to remain undetected. The primary goal is to establish long-term persistence for strategic espionage, allowing the attackers to steal sensitive data like credentials, emails, and proprietary information. The operation has successfully compromised dozens of devices across multiple international organizations, highlighting a significant threat to critical infrastructure.
Latest mentioned: 09-19
Earliest mentioned: 09-19