One of the world’s most advanced hacking groups debuts new Titanium backdoor

by Dan Goodin, from Ars Technica

One of the world's most technologically advanced hacking groups has a new backdoor that's every bit as sophisticated as its creators.

Dubbed Titanium by the Kaspersky Lab security researchers who discovered it, the malware is the final payload delivered in a long and convoluted attack sequence. The attack chain uses a host of clever tricks to evade antivirus protection. Those tricks include encryption, mimicking of common device drivers and software, memory-only infections, and a series of droppers that execute the malicious code in a multi-staged sequence. Yet another means of staying under the radar is hidden data delivered steganographically in a PNG image.

Named after a password used to encrypt a malicious archive, Titanium was developed by Platinum, a so-called advanced persistent threat group that focuses hacks on the Asia-Pacific region, most likely on behalf of a nation.
