Transparency Myanmar

transparency.myanmar@gmail.com

Iranian Hackers Using New PowerShell Backdoor In Cyber Espionage Attacks

Posted by Transparency Myanmar 2010
Sunday, June 4, 2023
comments (0)

 


An advanced persistent threat group with links to Iran has updated its malware toolset to include a novel PowerShell-based implant called PowerLess Backdoor, according to new research published by Cybereason.

The Boston-headquartered cybersecurity company attributed the malware to a hacking group known as Charming Kitten (aka Phosphorous, APT35, or TA453), while also calling out the backdoor's evasive PowerShell execution.

"The PowerShell code runs in the context of a .NET application, thus not launching 'powershell.exe' which enables it to evade security products," Daniel Frank, senior malware researcher at Cybereason, said. "The toolset analyzed includes extremely modular, multi-staged malware that decrypts and deploys additional payloads in several stages for the sake of both stealth and efficacy."

The threat actor, which is active since at least 2017, has been behind a series of campaigns in recent years, including those wherein the adversary posed as journalists and scholars to deceive targets into installing malware and stealing classified information.


Earlier this month, Check Point Research disclosed details of an espionage operation that involved the hacking group exploiting the Log4Shell vulnerabilities to deploy a modular backdoor dubbed CharmPower for follow-on attacks.

The latest refinements to its arsenal, as spotted by Cybereason, constitutes an entirely new toolset that encompasses the PowerLess Backdoor, which is capable of downloading and executing additional modules such as a browser info-stealer and a keylogger.

Also potentially linked to the same developer of the backdoor are a number of other malware artifacts, counting an audio recorder, an earlier variant of the information stealer, and what the researchers suspect to be an unfinished ransomware variant coded in .NET.

Furthermore, infrastructure overlaps have been identified between the Phosphorus group and a new ransomware strain called Memento, which first emerged in November 2021 and took the unusual step of locking files within password-protected archives, followed by encrypting the password and deleting the original files, after their attempts to encrypt the files directly were blocked by endpoint protection.

"The activity of Phosphorus with regard to ProxyShell took place in about the same time frame as Memento," Frank said. "Iranian threat actors were also reported to be turning to ransomware during that period, which strengthens the hypothesis that Memento is operated by an Iranian threat actor."

Related posts
  1. Hacking Tools For Kali Linux
  2. Hacking Tools
  3. Hacking Tools
  4. Computer Hacker
  5. Blackhat Hacker Tools
  6. Hacker Tools For Ios
  7. Hacker Tools
  8. Hacking Tools Usb
  9. Top Pentest Tools
  10. Nsa Hack Tools Download
  11. Pentest Tools Github
  12. Hack Tools For Ubuntu
  13. Hacker Hardware Tools
  14. Tools 4 Hack
  15. Hacking Tools Free Download
  16. Best Pentesting Tools 2018
  17. Pentest Tools
  18. Pentest Tools Online
  19. Hacking Tools For Mac
  20. Pentest Tools
  21. Pentest Tools Subdomain
  22. Pentest Tools Tcp Port Scanner
  23. Pentest Automation Tools
  24. Hacker Search Tools
  25. Nsa Hack Tools
  26. Pentest Tools Free
  27. New Hacker Tools
  28. Hacker Tools
  29. Pentest Tools Apk
  30. Pentest Tools Open Source
  31. Hack Tools Download
  32. Hacker Tools Free Download
  33. Hacker Security Tools
  34. Github Hacking Tools
  35. Pentest Tools Apk
  36. Github Hacking Tools
  37. Best Hacking Tools 2020
  38. Pentest Tools Windows
  39. New Hack Tools
  40. Blackhat Hacker Tools
  41. Tools Used For Hacking
  42. What Is Hacking Tools
  43. Hacker Search Tools
  44. Tools 4 Hack
  45. Hacking Tools Windows 10
  46. Hack Rom Tools
  47. Pentest Tools For Android
  48. Hacker
  49. Hacking App
  50. Hacking Apps
  51. Hacking Tools For Beginners
  52. Hack Tools Download
  53. Hacker Tools Mac
  54. Pentest Tools Alternative
  55. Github Hacking Tools
  56. Pentest Tools For Ubuntu
  57. Pentest Tools Github
  58. Hacking Tools For Pc
  59. Tools Used For Hacking
  60. Nsa Hacker Tools
  61. Hacking Tools Windows 10
  62. Game Hacking
  63. New Hack Tools
  64. Kik Hack Tools
  65. Pentest Tools Tcp Port Scanner
  66. Hack Tools For Windows
  67. World No 1 Hacker Software
  68. Black Hat Hacker Tools
  69. Hak5 Tools
  70. Hacking Tools For Kali Linux
  71. Hacking Apps
  72. Hack Tools For Ubuntu
  73. Hacker Tools Free Download
  74. Computer Hacker
  75. Pentest Tools Website Vulnerability
  76. Pentest Tools Bluekeep
  77. Kik Hack Tools
  78. Tools For Hacker
  79. Nsa Hack Tools Download
  80. Pentest Tools Kali Linux

TOP ANDROID HACKING TOOLS OF 2018

Posted by Transparency Myanmar 2010
comments (0)

An Android remote administration tool (RAT) is a programmed tool that allows a remote device to control a smartphone as if they have physical access to that system. While screen sharing and remote administration have many legal uses, "RAT" software is usually associated with the unauthorized or malicious activity. I have streamlined here top android hacking tools of 2018.

TOP ANDROID HACKING TOOLS OF 2018

Here are the most advanced in functionality top android hacking tools of 2018.

1. DROIDJACK

DroidJack gives you the power to establish control over your beloveds' Android devices with an easy to use GUI and all the features you need to monitor them. It has many advanced features that you can perform over the remote smartphone. DroidJack is one of the top lists as it also has the functionality to read/write WhatsApp messages.

You can also follow a step by step tutorial on how to hack smartphone remotely using droidjack.

2. OMNIRAT

OmniRAT is the super powerful multi-OS remote administration tool that can a smartphone either using a smartphone or using a Windows or Mac PC. It has a huge list of features that make it very powerful. It can make calls through that smartphone remotely. It's completely fully undetectable.

3. ANDRORAT

AndroRat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server. The name AndroRat is a mix of Android and RAT (Remote Access Tool). It was developed as a project by the university students, which works great for hacking into Android devices.

You can also follow a step by step tutorial on how to hacking a smartphone remotely using androrat.

4. SPYNOTE

SpyNote is a lightweight Android remote administration tool (RAT) to hack into a smartphone device remotely. It gives you the power to establish control over Android devices with an easy to use GUI and all the features you need to monitor them. Build a custom APK or bind the payload to an already existing APK such as a game or social media app.

You can also follow a step by step tutorial on how to hack any android phone remotely with spynote.

5. AHMYTH

AhMyth is a powerful android remote administrator tool that gives you the power to establish control over your beloveds' android devices with an easy to use GUI and all the features you need to monitor them.

These are all the top android hacking tools of 2018. There are also many other rats but these are the most advanced in tech and features. There may appear few more that can compete these and make a place to be in the top android list.

Related news


Subscribe to: Posts (Atom)