Ukrainian Govt Hit by Password-Stealing Malware
ESET researchers revealed this week that a cyber espionage group is attacking the Ukrainian government with data-stealing malware which creates a backdoor into the system.
The hackers are reportedly using a remote access trojan called Vermin which is delivered with two other malware strains – Sobaken RAT and Quasar RAT, with the latter being an open source form of malware freely available online.
The malware are capable of monitoring what happens on screen, and downloading additional payloads and uploading files. They can also make audio recordings of sounds near the user’s computer, extract passwords from browsers, and log keystrokes.
The researchers said that the malware has been used to attack hundreds of different victims in the region since 2015, but it appears to share infrastructure and connect to the same command and control servers.