Cybersecurity researchers have discovered a brand-new malware strain for Windows that is capable of stealing sensitive data from any device connected to it, including mobile phones. It appears to be used in conjunction with the North Korean government.
ESET experts claimed that they had discovered a previously unknown piece of malware called Dolphin. A threat actor known as APT 37 or Erebus is using Dolphin to attack the North Korean government. Researchers claim that the group has been active for almost a decade.
Dolphin was first seen in April 2021. However, it has since grown to be quite the beast. It can now steal information from web browsers (stored passwords, credit card data, etc.), take screenshots of infected endpoints, and log all keystrokes.
Sending everything to Google Drive
The malware sends all collected data to Google Drive, which is also where it receives its commands.
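Because both the stolen data and the commands travel over Google Drive, one defensive check is to look for Drive traffic from processes that have no business using it. The following hunt over proxy-style records is an added example, not code from ESET or the original article; the log format, the hostname list, the process allowlist and the sample records (including the process name svchelper.exe) are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Assumed hostnames that carry Google Drive traffic; extend for your environment.
DRIVE_HOSTS = {"drive.google.com", "www.googleapis.com", "oauth2.googleapis.com"}
# Assumed allowlist of processes expected to talk to Drive on this fleet.
ALLOWED = {"chrome.exe", "msedge.exe", "firefox.exe", "googledrivefs.exe"}

# Constructed sample records: time,host,process,dest_host,bytes_out,bytes_in
SAMPLE_LOG = """\
2022-01-10T09:00:01,WS-014,chrome.exe,drive.google.com,1200,88000
2022-01-10T09:00:05,WS-014,svchelper.exe,www.googleapis.com,400,900
2022-01-10T09:05:05,WS-014,svchelper.exe,www.googleapis.com,5300000,700
2022-01-10T09:10:05,WS-014,svchelper.exe,www.googleapis.com,410,880
2022-01-10T09:02:00,WS-022,googledrivefs.exe,www.googleapis.com,90000,4000
2022-01-10T09:03:00,WS-022,outlook.exe,outlook.office365.com,3000,9000
"""

def flag_drive_traffic(log_text, allowed=ALLOWED, drive_hosts=DRIVE_HOSTS):
    """Return {(host, process): stats} for non-allowlisted processes using Drive."""
    stats = defaultdict(lambda: {"connections": 0, "bytes_out": 0, "bytes_in": 0})
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6:
            continue  # skip blank or malformed lines rather than abort the hunt
        _ts, host, process, dest, out_b, in_b = (f.strip() for f in row)
        if dest.lower() not in drive_hosts or process.lower() in allowed:
            continue
        entry = stats[(host, process.lower())]
        entry["connections"] += 1
        entry["bytes_out"] += int(out_b)
        entry["bytes_in"] += int(in_b)
    return dict(stats)

def is_upload_heavy(entry, ratio=10):
    """Bulk uploads send far more than they receive; command polling is small both ways."""
    return entry["bytes_out"] > ratio * max(entry["bytes_in"], 1)

if __name__ == "__main__":
    for (host, proc), e in sorted(flag_drive_traffic(SAMPLE_LOG).items()):
        tag = "upload-heavy" if is_upload_heavy(e) else "low-volume"
        print(f"{host} {proc} conns={e['connections']} out={e['bytes_out']} [{tag}]")
```

A hit is a lead for triage rather than a verdict, since legitimate backup or sync tools outside the allowlist will also appear.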
Dolphin also collects information about the computer, such as its name, local and external IP addresses, endpoint security solutions, hardware specifications and OS version.
It scans all removable and local drives for sensitive data (documents, emails, photos, videos), as well as smartphones. ESET states that this is possible because of the Windows Portable Device API.
Four versions of the malware have been identified in the wild. The latest version, 3.0, was released in January 2022.
North Korea is quite active on the cybercrime scene, with two major state-sponsored groups wreaking havoc in the digital world. Perhaps the most famous example is Lazarus Group, which managed to steal about $600 million from cryptocurrency firm Ronin Bridge. According to intelligence reports, North Korean cybercriminals are funding their operations with cybercriminals’ tools.