InvisiMole, spyware active for 5 years
InvisiMole is an spyware that it has used during five last years in directed attacks to Russian and Ukrainian objetives. The main peculiarity of this malware is that it has been used against specific targets, so there are very few samples. Researchers from ESET discovered the malware, indicating that it can be active, going virtually unnoticed since 2013.
The attack vector, as reported from ESET, is unknown but it could have been anyone, from attachments in emails to physical access to the infected machine. The malware has two different modules that allow you to capture with the webcam and record audio with the microphone, steal confidential information or disable functions that provide security to the computer such as the firewall or UAC.
References
-
08/06/2018bleepingcomputer.com
-
12/06/2018unaaldia.hispasec.com
Etiquetas
