'FadeStealer': North Korean Hackers Wiretap Conversations with New Malware

[cheeztoshobo]

Summary

 The North Korean hacking group APT37, also known as StarCruft, has been using a new information-stealing malware called 'FadeStealer,' which includes a wiretapping feature to eavesdrop on victims' conversations through their microphones. The group targets North Korean defectors, educational institutions, and EU-based organizations, and employs phishing emails with password-protected documents to deliver the malware.

 

Quotes

Quote

"Ultimately, the backdoors deploy a final payload in the form of 'FadeStealer,' an information-stealing malware capable of stealing a wide variety of information from Windows devices. When installed, FadeStealer is injected using DLL sideloading into the legitimate Internet Explorer 'ieinstall.exe' process and begins stealing data from the device and storing them in RAR archives every 30 minutes. The data includes screenshots, logged keystrokes, files collected from connected smartphones, and removable devices. The malware also includes the ability to record audio from a connected microphone, enabling the threat actors to listen in on conversations."

 

My thoughts

 The use of wiretapping capabilities in malware highlights the increasing sophistication and privacy concerns associated with cyberattacks. It is a reminder of the importance of maintaining strong security measures, such as regularly updating software and being cautious of phishing attempts, to protect against such threats. Organizations and individuals need to remain vigilant and proactive in their cybersecurity practices to mitigate the risks posed by advanced hacking groups.

 

Sources

https://www.bleepingcomputer.com/news/security/apt37-hackers-deploy-new-fadestealer-eavesdropping-malware/

[Dutch_Master]

21 minutes ago, cheeztoshobo said:

Windows devices

4da Win! (<- pun intended )

 

I was gonna say something 'bout IE users, but as this is a family-friendly forum I won't