Stealthy Cyberespionage Campaign Remained Undetected for Two Years


According to a report by Cisco’s Talos security researchers, a covert cyberespionage campaign that went unnoticed for two years targeted a non-profit organization in Saudi Arabia.

The campaign's defining features are modified reverse proxies (such as Fast Reverse Proxy, sSocks, and Venom) and the misuse of legitimate tools for malware delivery, persistence, and command-and-control (C&C) setup. It also uses a custom backdoor called Zardoor.

According to Talos, the use of reverse proxy tools resembles the tactics, techniques, and procedures (TTPs) of several Chinese threat actors. Still, there is insufficient data to attribute the activity to a known Chinese group.
