Communications of the ACM

ACM TechNews

Hackers-For-Hire Group Develops 'PowerPepper' In-Memory Malware


Image: logo of the PowerPepper malware backdoor. Credit: The Hacker News

Kaspersky cybersecurity researchers revealed a previously undiscovered in-memory Windows backdoor for executing remote malware and stealing data from targets in Asia, Europe, and the U.S.

The PowerPepper backdoor, so named because it relies on steganographic deception to deliver malware in the form of an image of ferns or peppers, was developed by the DeathStalker hacker-for-hire group.

PowerPepper is delivered via a decoy Word document, using Domain Name System over HTTPS to transmit encrypted malicious shell commands from an attacker-controlled server.

The spear-phishing emails have diverse themes, while the Word documents sport social engineering banners urging users to enable macros in order to entice victims into downloading the backdoor.

Kaspersky's Pierre Delcher said, "There is nothing particularly sophisticated about the techniques and tricks that are leveraged, yet the whole toolset has proved to be effective, is pretty well put together, and shows determined efforts to compromise various targets around the world."

From The Hacker News

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
