In 2018, EFF along with researchers from Lookout Security published a report describing the Advanced Persistent Threat (APT) we dubbed "Dark Caracal." Now we have uncovered a new Dark Caracal campaign operating since March of 2022, with hundreds of infections across more than a dozen countries. In.
Bandidos at large: A spying campaign in Latin America welivesecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from welivesecurity.com Daily Mail and Mail on Sunday newspapers.
Security researchers at EFF have tracked APTs (Advanced Persistent Threats) targeting civil society for many years now. And while in many cases, the “advanced” appellation is debatable, “persistent” is not. Since 2015, EFF has tracked the cyber-mercenaries known as Dark Caracal, a threat actor who has carried out digital surveillance campaigns on behalf of government interests in Kazakhstan and Lebanon.
Recent activity seems to indicate that this actor is active once again. In November of 2019 the group Malware Hunter Team discovered new samples of the Bandook malware which is associated with Dark Caracal. This time with legitimate signing certificates for Windows (issued by the “Certum” certificate authority,) which would allow them to be run without a warning to the user on any Windows computer. Tipped off by the emergence of new variants of the Bandook Trojan, researchers at Checkpoint found three new variants of Bandook: some expanded (120 commands), some slimmed dow