A new Advanced Persistent Threat (APT) group known as StrongPity has been discovered using a trojanized version of the popular messaging app Telegram to gain access to victims' systems. According to cybersecurity researchers, the group has been using the malware to target individuals and organizations across Europe and North Africa.
The StrongPity APT group is known for using a variety of tactics to gain access to victims' systems, including phishing campaigns and watering hole attacks. However, in this recent campaign, the group has used a trojanized version of Telegram, which is a legitimate messaging app that is widely used in the targeted regions.
The trojanized version of Telegram is distributed through a variety of methods, including email phishing campaigns and malicious websites. Once the app is installed on a victim's device, it allows the StrongPity APT group to gain access to the system and steal sensitive information.
The group has been found to use the malware to exfiltrate data, record keystrokes, and capture screenshots of the victim's device. Additionally, the malware allows the group to execute arbitrary commands on the infected system, giving them full control over the victim's device.
To protect against this APT group and similar threats, it is important to be vigilant when downloading apps, especially from unofficial sources. Additionally, it's recommended to keep software and anti-virus programs up to date, and to use a reputable security solution that includes advanced threat detection capabilities.
Comments
Post a Comment