Main Points:
– A previously unknown threat actor, Sandman, has been identified as the perpetrator of cyber attacks on telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent.
– The intrusions make use of a just-in-time compiler for the Lua programming language, known as LuaJIT, to introduce a unique implant called LuaDream.
– MVP and APT actors have been using similar techniques, albeit slightly tweaked, as part of their attack campaigns.
Just like a neglected computer update, here’s news you didn’t know you were waiting for! A fresh-faced hacker – and from no beach party – called Sandman has been putting cyber earmuffs on telecom providers across the Middle East, Western Europe, and South Asia. They might be new to the playground, but they’re playing pretty rough!
These attacks aren’t just your garden-variety virus rampage. The Sandman’s been wielding a specialised weapon: a just-in-time compiler named LuaJIT used in the Lua programming language. Think of it as a very rambunctious digital kid that comes into the computer system and causes absolute mayhem, leaving behind a custom implant lovingly called ‘LuaDream’. Really, he could have picked a less sinister name, don’t you think?
If all this hack-trickery sounds strangely similar to you – well, you’re not alone! Some MVP and APT actors have been seen doing a very similar routine on the cyber jungle gym – although they’ve given it their own little twist. It’s like a game of ‘Simon Says’, but with malware. Truly a twisted fairy tale.
Watch out for the Sandman, folks! This new cyber alarm clock is startling telecom providers across various regions with its unique hacks powered by LuaJIT and LuaDream. And this game is not just limited to Sandman, as some MVP and APT players are also in the mix, spinning their own malware tales. Let’s hope our antivirus lullabies can put these cyber nightmares to bed soon!
Original Article: https://thehackernews.com/2023/09/mysterious-sandman-threat-actor-targets.html
No products in the cart.