Skip to main content

Sowbug APT uses Felismus backdoor to for cyberespionage operations

posted onNovember 8, 2017
by l33tdawg

A previously unknown cyberespionage group called Sowbug has been found using the Felismus backdoor to spy on several South American and Pacific Rim national governments for the last several years.

The APT group was first officially uncovered by Symantec researchers in March 2017 when it saw Felismus being used against a couple of Southeast Asian countries, but once a deeper look was taken it was realized that this group had been poking around illegally in some government files for several years. However, until March the malware was not associated with Sowbug, tying the APT group to the backdoor was not accomplished until now, Symantec reported.

A lot remains unknown about the group behind the operation other than who and what information it is targeted. Sowbug is focusing its efforts mainly on government and has infiltrated organizations in Argentina, Brazil, Ecuador, Peru, Brunei and Malaysia. The group is well resourced, capable of infiltrating multiple targets simultaneously and has a strong and often operates when the group knows the local staff is at work, the report stated.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th