Security researchers at Check Point have publicly documented DoubleFeature, a tool of the Equation Group APT that is part of the DanderSpritz post-exploitation framework. In a report published this week, the researchers provided a detailed analysis of DoubleFeature, a DanderSpritz component designed to “log and report about the types of tools that could be deployed on the target.”
DanderSpritz and other tools were unveiled in 2017 by a group of criminals calling themselves Shadow Brokers, following allegations that they had been stolen from the Equation Group, cyber spies reportedly hired by the U.S. National Security Agency (NSA).
Although not as popular as Eternal Romance (ETRO), Eternal Blue (ETBL), and other tools leaked by Shadow Brokers, the DanderSpritz attack framework has been reviewed before, and researchers have compared it to exploits used by Chinese hijackers.
Read More: Securityweek