Julien Maury
November 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, much like a release cycle for developers. Kaspersky revealed that APT10, also known as the Cicada hacking group, has successfully deployed the LODEINFO malware in government, media, public sector, and diplomatic organizations in Japan.

JPCERT/CC has observed LODEINFO in a spear-phishing campaign since December 2019. The sophisticated malware was hidden in malicious Word file attachments. So far, nothing unusual for a sophisticated threat actor, but JPCERT/CC concluded that LODEINFO was “under development,” as they found the version number “v0.1.2” during their investigation.

Kaspersky researchers have been tracking the malware since then, and they’ve discovered evidence revealing “high-confidence attribution to APT10.” They observed another spear-phishing campaign in March 2022. The malicious W