
Sowbug APT uses Felismus backdoor for cyberespionage operations

posted on November 8, 2017
by l33tdawg

A previously unknown cyberespionage group called Sowbug has been found using the Felismus backdoor to spy on several South American and Pacific Rim national governments for the last several years.

The APT group was first officially uncovered by Symantec researchers in March 2017, when they saw Felismus being used against a couple of Southeast Asian countries, but a deeper look revealed that the group had been poking around illegally in some government files for several years. However, until March the malware was not associated with Sowbug; tying the APT group to the backdoor was not accomplished until now, Symantec reported.

A lot remains unknown about the group behind the operation other than who and what information it is targeting. Sowbug is focusing its efforts mainly on government and has infiltrated organizations in Argentina, Brazil, Ecuador, Peru, Brunei and Malaysia. The group is well resourced, capable of infiltrating multiple targets simultaneously and has a strong and often operates when the group knows the local staff is at work, the report stated.
