Bandook Trojan Reemerges, Attacks Espionage Campaign


A series of cyberattacks in an espionage campaign has used a strain of a 13-year-old backdoor trojan named Bandook. Check Point Research shows that Bandook was last spotted in 2015 and two to three years ago. Digitally signed variants of the commodity malware have emerged in a variety of sectors, including government, healthcare, the food industry, education, IT and legal.

The fresh waves of attacks include a zip file containing a malicious Microsoft Word document that arrives on targets' computers and, once opened, downloads malicious macros using the external template feature. Experts believe that the multiple variants of Bandook, including its malware source code and command-and-control infrastructure, are managed by a group that sells access to nation-state hacking groups.
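A defender-side check for the external template technique described above, as an added example that is not from Check Point's report or the original post: it lists attached templates that a Word file inside a delivered zip would load from outside the document. The function names, the sample file name and the example.invalid URL are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for hostile input in production, prefer defusedxml

REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
TEMPLATE_TYPE = ("http://schemas.openxmlformats.org/officeDocument/2006/"
                 "relationships/attachedTemplate")
SETTINGS_RELS = "word/_rels/settings.xml.rels"
WORD_EXTS = (".docx", ".docm", ".dotx", ".dotm")

def external_templates(docx_bytes):
    """Return Target values of attached templates marked TargetMode=External."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as docx:
        if SETTINGS_RELS not in docx.namelist():
            return []
        root = ET.fromstring(docx.read(SETTINGS_RELS))
    return [rel.get("Target", "")
            for rel in root.iter(REL_NS + "Relationship")
            if rel.get("Type") == TEMPLATE_TYPE
            and rel.get("TargetMode", "").lower() == "external"]

def scan_archive(zip_bytes):
    """Scan Word files in a delivered zip; map member name -> external template targets."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as outer:
        for name in outer.namelist():
            if not name.lower().endswith(WORD_EXTS):
                continue
            try:
                urls = external_templates(outer.read(name))
            except (zipfile.BadZipFile, ET.ParseError):
                continue  # not a valid OOXML package; skip it
            if urls:
                findings[name] = urls
    return findings

def build_sample(target, mode):
    """Constructed sample: a minimal docx-like package wrapped in an outer zip."""
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/'
            '2006/relationships">'
            f'<Relationship Id="rId1" Type="{TEMPLATE_TYPE}" '
            f'Target="{target}" TargetMode="{mode}"/></Relationships>')
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr(SETTINGS_RELS, rels)
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("invoice.docx", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    print(scan_archive(build_sample("https://example.invalid/t.dotm", "External")))
```

A non-empty result is a reason to quarantine the attachment for review, since the template it points to is fetched when the document is opened.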

With new and re-emerging cyber threats, make sure that you are protected by hiring IT security solutions that are trusted and effective. Croyten offers a service that works and is sustainable. Check out our services through our website.