APT28-linked trojan being developed in multiple programming languages, research shows
An elite Russia-linked hacking group is creating multiple versions of one of its go-to malicious tools in an apparent attempt to make its activity harder to detect, according to research published Tuesday by Palo Alto Networks. The company’s Unit42 threat intelligence team says that the hacker group Sofacy, also known as APT28, Fancy Bear and many other names, has been spotted using a version of the Zebrocy trojan written in the “Go” programming language in multiple phishing campaigns. The findings add to a list of Zebrocy variants written in different types of code. Researchers and Western governments have largely attributed APT28 to Russian intelligence services. “The use of a different programming language to create a functionally similar Trojan is not new to this group, as past Zebrocy variants have been developed in AutoIt, Delphi, VB.NET, C# and Visual C++,” the researchers wrote. “While we cannot be certain the impetus for this, […]
The post APT28-linked trojan being developed in multiple programming languages, research shows appeared first on CyberScoop.