security company Bitdefender suggests that a sophisticated cyber attack targeted an East Asian IT company. The attack involved the use of a custom malware called RDStealer, which was written in the programming language Golang. According to Bitdefender researcher Victor Vrabie, the operation was active for over a year, with the aim of stealing credentials and data.
The RDStealer malware was detected by Bitdefender in June 2021, although it is believed to have been deployed since May 2020. It was delivered via a spear-phishing email and, once installed, it would hide its tracks and begin exfiltrating data. The malware was remotely controlled by the attacker, who could send commands to the infected machines.
The RDStealer malware was designed to collect a wide range of information, including usernames, passwords, and browser cookies. It could also capture screenshots and record keystrokes. The attackers were careful to avoid detection, using anti-analysis techniques such as encrypted payloads and obfuscated code.
The East Asian IT company targeted by this cyber attack has not been named, nor has the identity of the attackers been revealed. However, it is believed that the aim of the attack was espionage, rather than financial gain.
Overall, this cyber attack demonstrates the growing sophistication of modern cyber criminals. It also highlights the importance of taking measures to protect against such attacks, such as implementing strong cybersecurity practices and regularly updating security software.
Original Article: https://thehackernews.com/2023/06/experts-uncover-year-long-cyber-attack.html