Tag: middle east
-
VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail
The Middle East continues to be a hotbed of APT activity. The WindShift group is one of many APT groups active in the region. First described by Darkmatter ’s Taha Karim in 2018, the group’s toolset includes malware for both Windows and macOS . Building on that research, Jamf ’s Patrick Wardle analysed the WindTail…
-
Paper: Life after the apocalypse for the Middle Eastern NJRat campaign
Malware authors upped their game following 2014 disruption of No-IP. In June last year, somewhat controversially Microsoft moved against dynamic DNS provider No-IP and seized 22 of its domains, subdomains of which were used to spread and control the NJRat (also known as Bladabindi) and NJw0rm (also known as Jenxcus) malware families, both of which…