ScarCruft updates its toolset – Week in security with Tony Anscombe | WeLiveSecurity

2 months ago AndyC

Deployed
against
carefully
selected
targets,
the
new
backdoor
combs
through
the
drives
of
compromised
systems
for
files
of
interest
before
exfiltrating
them
to
Google
Drive

This
week,
ESET
researc

ScarCruft updates its toolset – Week in security with Tony Anscombe | WeLiveSecurity

Deployed
against
carefully
selected
targets,
the
new
backdoor
combs
through
the
drives
of
compromised
systems
for
files
of
interest
before
exfiltrating
them
to
Google
Drive

This
week,
ESET
researchers
published
their
analysis
of
a
previously
undocumented
backdoor
that
the
ScarCruft
APT
group
has
used
against
carefully
selected
targets.
ScarCruft
is
an
espionage
group
that
has
been
operating
since
at
least
2012
and
mainly
takes
aim
at
South
Korea.

The
group’s
new
backdoor,
which
ESET
named
Dolphin,
has
a
wide
range
of
spying
capabilities
as
it
can
monitor
drives
and
portable
devices,
exfiltrate
files,
log
keystrokes,
take
screenshots,
and
steal
credentials
from
web
browsers.

Watch
the
video
to
learn
more
about
the
group’s
new
spying
tool
and
campaigns.

Full
technical
details
are
available
here:

Who’s
swimming
in
South
Korean
waters?
Meet
ScarCruft’s
Dolphin

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

More Stories

Are you in control of your personal data? – Week in security with Tony Anscombe | WeLiveSecurity

Are you in control of your personal data? – Week in security with Tony Anscombe | WeLiveSecurity

3 days ago AndyC
SwiftSlicer: New destructive wiper malware strikes Ukraine | WeLiveSecurity

SwiftSlicer: New destructive wiper malware strikes Ukraine | WeLiveSecurity

3 days ago AndyC
Why your data is more valuable than you may realize | WeLiveSecurity

Why your data is more valuable than you may realize | WeLiveSecurity

4 days ago AndyC
Mastodon vs. Twitter: Know the differences | WeLiveSecurity

Mastodon vs. Twitter: Know the differences | WeLiveSecurity

5 days ago AndyC
5 valuable skills your children can learn by playing video games | WeLiveSecurity

5 valuable skills your children can learn by playing video games | WeLiveSecurity

6 days ago AndyC
Hybrid play: Leveling the playing field in online video gaming and beyond | WeLiveSecurity

Hybrid play: Leveling the playing field in online video gaming and beyond | WeLiveSecurity

1 week ago AndyC

You may have missed

Yubico extends subscription programme, raises prices

Yubico extends subscription programme, raises prices

1 hour ago AndyC
Discover’s unique IT training platform builds skills and community

Discover’s unique IT training platform builds skills and community

1 hour ago AndyC
Modernizing enterprise architecture for the digital era

Modernizing enterprise architecture for the digital era

1 hour ago AndyC
myGov report warns against digital ID fragmentation

myGov report warns against digital ID fragmentation

4 hours ago AndyC
<div>Why You Need AI & ML in Your Digital Infrastructure</div>

Why You Need AI & ML in Your Digital Infrastructure

4 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.