The Hiatus of HiatusRAT: Reloaded and Reconnaissance-ing
- The threat actors responsible for the HiatusRAT malware have resurfaced, focusing their attention towards organizations based in Taiwan and a U.S. military procurement system.
- These threat actors have been recompiling malware samples for varying architectures.
- The remodeled malware artifacts have allegedly been hosted on newly fabricated virtual private servers (VPSs), according to a report by Lumen Black Lotus Labs.
The Unhiatus of HiatusRAT
There’s nothing more refreshing than a break, but the threat actors behind the HiatusRAT malware are back from their breather, hitting both organizations based in Taiwan and a U.S. military procurement system. It’s like they said, “Hiatus? More like Hi-attack-us!”
Ch-ch-changes: Recompiling and Resurfacing
Now these guys aren’t “compile-ing” a new album or refreshing their wardrobe: they’re recompiling malware samples for different architectures. This is akin to cooking the same recipe but for different dietary restrictions. However, the end product is a bit less savory.
A VPS Make-Over: Malware’s New Digital Hideout
The remodeled malware artifacts reportedly found a cozy new home on shiny new VPSs, possibly enjoying the smell of a virtual ‘new server’ scent. According to Lumen Black Lotus Labs, this digital housing flip has provided the perfect hosting environment for these updated nasty little bugs.
Summary: Never a Hiatus for the HiatusRAT Malware Actors
In summary, the threat actors responsible for the HiatusRAT malware are back from time off. Geared with recompiled malware samples designed for varying architectures, they’ve expanded their targets to include organizations based in Taiwan and a U.S. military procurement system. Settling into their fresh new VPS homes, these malware toys look set for some serious playtime. It’s like a bad case of digital bed-bugs: they seemingly vanished for a bit, but now they’re back in full swing!