Comments On New Malware Spies On Diplomats, High-Profile Government Targets

A new modular and malware designed to target diplomatic and government entities was spotted by ESET researchers while being utilized in attacks aimed at Russian-speaking individuals for at least 7 years. The espionage malware strain dubbed Attor by the researchers comes with some unusual capabilities including the use of encrypted modules, Tor-based communications, and a plugin designed for GSM fingerprinting using the AT protocol.”The attackers who use Attor are focusing on diplomatic missions and governmental institutions,” says ESET malware researcher Zuzana Hromcová.


EXPERTS COMMENTS
Richard Bejtlich , Principal Security Strategist,  Corelight
October 14, 2019
NSM software like Zeek could create high fidelity yet compact network transactions logs, suitable for long-term, inexpensive storage.
ESET reported that this campaign began at least seven years ago. Keeping track of network activity over such a long period of time is difficult, but not for organizations that perform network security monitoring. NSM software like Zeek could create high fidelity yet compact network transactions logs, suitable for long-term, inexpensive storage. When a victim organization suspects it may be affected by a long-term adversary campaign, it could retrieve those Zeek records from storage and accelerate its detection, response, and recovery process.

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :



Join the Conversation

Join the Conversation


In this article