Skip to main content

Sowbug APT uses Felismus backdoor to for cyberespionage operations

posted onNovember 8, 2017
by l33tdawg

A previously unknown cyberespionage group called Sowbug has been found using the Felismus backdoor to spy on several South American and Pacific Rim national governments for the last several years.

The APT group was first officially uncovered by Symantec researchers in March 2017 when it saw Felismus being used against a couple of Southeast Asian countries, but once a deeper look was taken it was realized that this group had been poking around illegally in some government files for several years. However, until March the malware was not associated with Sowbug, tying the APT group to the backdoor was not accomplished until now, Symantec reported.

A lot remains unknown about the group behind the operation other than who and what information it is targeted. Sowbug is focusing its efforts mainly on government and has infiltrated organizations in Argentina, Brazil, Ecuador, Peru, Brunei and Malaysia. The group is well resourced, capable of infiltrating multiple targets simultaneously and has a strong and often operates when the group knows the local staff is at work, the report stated.

Source

Tags

Security

You May Also Like

Recent News

Monday, February 19th

Thursday, February 15th

Tuesday, February 13th

Monday, February 12th

Sunday, February 11th

Saturday, February 10th