Researchers have uncovered an advanced persistent threat that for at least five years has used an array of hacking tools and covert automatic updates as part of a hacking campaign that bears little technical similarity to any other APT. The “TajMahal” cyber-espionage group uses software backdoors, audio recorders, keyloggers, screen and webcam grabbers, cryptography key stealers and up to 80 malicious modules as part of a “full-blown spying framework,” according to research published Wednesday by Kaspersky Lab. TajMahal relies on an entirely new base of code that has no similarities to other known malware or APT techniques, helping its operators avoid detection between August 2013 and April 2018, researchers found. “Just to highlight its capabilities, TajMahal is able to steal data from a CD burnt by a victim as well as from the printer queue,” Kaspersky said in a blog post. “It also can request to steal a particular file from […]
The post New APT group TajMahal operates as a ‘full-blown spying network,’ Kaspersky says appeared first on CyberScoop.
Continue reading New APT group TajMahal operates as a ‘full-blown spying network,’ Kaspersky says→