One of the world’s most advanced hacking groups debuts new Titanium backdoor

One of the world’s most technologically advanced hacking groups has a new backdoor that’s every bit as sophisticated as its creators.

Dubbed Titanium by the Kaspersky Lab security researchers who discovered it, the malware is the final payload delivered in a long and convoluted attack sequence. The attack chain uses a host of clever tricks to evade antivirus protection. Those tricks include encryption, mimicking of common device drivers and software, memory-only infections, and a series of droppers that execute the malicious code in a multi-staged sequence. Yet another means of staying under the radar is hidden data delivered steganographically in a PNG image.

Named after a password used to encrypt a malicious archive, Titanium was developed by Platinum, a so-called advanced persistent threat group that focuses hacks on the Asia-Pacific region, most likely on behalf of a nation.
