Hacker-for-hire group DeathStalker develops backdoor malware
The DeathStalker group, previously known as Deceptikons, is a long-active threat actor known for using a large variety of malware in its campaigns, usually targeting businesses and financial organizations across the world. According to a Kaspersky report, the PowerPepper implant, a trace of the group's activity, was found during the investigation of another PowerShell-based implant known as Powersing. PowerPepper is an in-memory Windows PowerShell-based backdoor that allows its operators to remotely execute shell commands via the C2 server. The malware also includes a large number of anti-detection features, such as mouse movement detection, filtering of clients' MAC addresses, and so on.