Java Icefog Malware Variant Infects U.S. Businesses

  /     /     /  
Publicated : 22/11/2024   Category : security

Java Icefog Malware Variant Infects U.S. Businesses


APT attack campaign uses tough-to-detect Java backdoor to compromise US oil company and two other organizations


Beware Java-based malware thats been used to exploit at least three US-based organizations.
That warning of a new advanced persistent threat (APT) attack campaign came via Kaspersky Lab, which said that its traced a malicious Java archive (a.k.a. JAR) file to eight infected systems inside three US-based organizations, which it declined to name. Based on the IP address, one of the victims was identified as a very large American independent oil and gas corporation, with operations in many other countries, Kaspersky Lab researchers Costin Raiu, Vitaly Kamluk, and Igor Soumenkov said in a joint blog post Tuesday. As of today, all victims have been notified about the infections. Two of the victims have removed it already.
The attacks have been tied to the Icefog APT attack campaign, which historically has used Windows Preinstallation Environment files to infect targets.
Whats unusual about the latest attacks is that the Javafog malware used by attackers was, as the name implies, written in Java. Furthermore, it includes only basic functionality, such as the ability to upload files to a designated server, as well as change the command-and-control (C&C) server to which it reports. The backdoor doesnt do much else, according to Kaspersky Lab. It allows the attackers to control the infected system and download files from it. Simple, yet very effective.
Read the full article
here
.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Java Icefog Malware Variant Infects U.S. Businesses