Java Icefog Malware Variant Infects U.S. Businesses

  /     /     /  
Publicated : 22/11/2024   Category : security


Java Icefog Malware Variant Infects U.S. Businesses


APT attack campaign uses tough-to-detect Java backdoor to compromise US oil company and two other organizations



Beware Java-based malware thats been used to exploit at least three US-based organizations.
That warning of a new advanced persistent threat (APT) attack campaign came via Kaspersky Lab, which said that its traced a malicious Java archive (a.k.a. JAR) file to eight infected systems inside three US-based organizations, which it declined to name. Based on the IP address, one of the victims was identified as a very large American independent oil and gas corporation, with operations in many other countries, Kaspersky Lab researchers Costin Raiu, Vitaly Kamluk, and Igor Soumenkov said in a joint blog post Tuesday. As of today, all victims have been notified about the infections. Two of the victims have removed it already.
The attacks have been tied to the Icefog APT attack campaign, which historically has used Windows Preinstallation Environment files to infect targets.
Whats unusual about the latest attacks is that the Javafog malware used by attackers was, as the name implies, written in Java. Furthermore, it includes only basic functionality, such as the ability to upload files to a designated server, as well as change the command-and-control (C&C) server to which it reports. The backdoor doesnt do much else, according to Kaspersky Lab. It allows the attackers to control the infected system and download files from it. Simple, yet very effective.
Read the full article
here
.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ New threat discovered: Mobile phone ownership compromised. ◂
Discovered: 23/12/2024
Category: security

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Java Icefog Malware Variant Infects U.S. Businesses