The advanced persistent threat (APT) actor tracked as Evilnum is once again exhibiting signs of renewed activity aimed at European financial and investment entities.
"Evilnum is a backdoor that can be used for data theft or to load additional payloads," enterprise security firm Proofpoint said in a report shared with The Hacker News. "The malware includes multiple interesting components to evade detection and modify infection paths based on identified antivirus software."
Targets include organizations with operations supporting foreign exchanges, cryptocurrency, and decentralized finance (DeFi). The latest spate of attacks are said to have commenced in late 2021.
The findings also dovetail with a report from Zscaler last month that detailed low-volume targeted attack campaigns launched against companies in Europe and the U.K.
Active since 2018, Evilnum is tracked by the wider cybersecurity community using the names TA4563 and DeathStalker, with infection chains culminating in the...
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.
INN caught up with cryptocurrency investment expert Dan Hoover to review the current landscape and where the market may be heading. The cryptocurrency investment marketplace has gone through severa...