By Daniel Lunghi and Ecular Xu – In the process of monitoring changes in the threat landscape, we get a clearer insight into the way threat actors work behind the schemes.

In this case we dig deeper into the possible connection between cyberattacks by focusing on the similarities an unnamed threat actor shares with Confucius, Patchwork, and another threat actor called Bahamut. For the sake of this report, we will call this unnamed threat actor “Urpage.”

What sets Urpage attacks apart is the targeting of InPage, a word processor for the Urdu and Arabic languages. However, its Delphi backdoor component, which it has in common with Confucius and Patchwork, and its apparent use of Bahamut-like malware are what make it more intriguing, as they connect Urpage to these other known threats.

In our previous entry, we already covered the Delphi component in the context of the Confucius and Patchwork connection. We mentioned Urpage as a third unnamed threat actor connected to the two. This time, we look into Urpage to gain a deeper insight into the way several threat actors’ actions intersect…

Read more at: The Urpage Connection to Bahamut, Confucius and Patchwork
Source: TrendLabs Malware Blog
