APT group | Breaking Cybersecurity News | The Hacker News

Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services. But it turns out that hackers are taking advantage of this opportunity by creating and distributing fake versions of encryption tools in order to infect as many victims as possible. Kaspersky Lab has revealed an advanced persistent threat (APT) group, nicknamed StrongPity , which has put a lot of efforts in targeting users of software designed for encrypting data and communications. The StrongPity APT group has been using watering-hole attacks, infected installers, and malware for many years to target users of encryption software by compromising legitimate sites or setting up their own malicious copycat sites. Watering hole attacks are designed to lure specific groups of users to their interest-based sites that typically house malicious files or...

The malicious Russian Tor exit node , which was claimed to be patching binary files, is actually distributing a malware program to launch cyber-espionage attacks against European government agencies. The group behind the rogue Tor exit node had likely been infecting files for more than a year, causing victims to download and install a backdoor file that gave hackers full control of their systems. Last month Josh Pitts of Leviathan Security Group uncovered a malicious Tor exit node that wraps Windows executable files inside a second, malicious Windows executable. But when Artturi Lehtiö of F-Secure carried out an in-depth research, he found that the exit node was actually linked to the notorious Russian APT family MiniDuke . " MiniDuke " previously infected government agencies and organizations in more than 20 countries via a modified Adobe PDF email attachment . MiniDuke malware is written in assembly language with its tiny file size (20KB), and uses hijacke...