This is more powerful of the 2 modules of InvisiMole, with support for 84 backdoor commands with the power of almost anything an advanced spyware can do. This module isn’t as advanced as the second one, but it has the ability to extract proxy information from the browsers and use that configuration for sending data to its command and control server. Some of the commands also allow turning on/off user’s microphone and webcam, record audio or take screenshots, monitor local drives, encode audio into MP3 and send back to the command and control server. It supports only 15 commands with the power of altering the local system, search and steal data altogether. This one is less capable and the smallest of the 2 modules. The malware consists of 2 intelligent modules with unique spying features for each. With exception of one file (dating to 13 October 2013), all other compilation dates were replaced with zeros. That way, the actor(s) are safe of their identity.
Unlike most other malware, this one has almost 0 clues about itself as most of the clues are wiped. InvisiMole – very silent thiefĮxcept for the binary files of the malware, there’s hardly any information on how it spreads, who’s behind the malware and where it’s in use.Īccording to ESET researcher Zuzana Hromcová, the telemetry data of the spyware indicates that the actor(s) behind the malware has been active since 2013 and wasn’t discovered until recently when ESET products detected it on compromised computers. That’s why it isn’t suspected of being a work of any individual slash-and-grab cyber-criminal. InvisiMole infected only a few computers and consists of powerful abilities that generally takes months to properly develop. Such assessment is depending on its capability and the availability of such malware in the wild. It’s believed that it’s one of the advanced cyber-espionage tools that’s for financially motivated or nation-state hacks. However, the origin of this malware is still not clear. InvisiMole spied on a very small number of targets in Ukraine and Russia.
Security researchers from ESET have recently discovered the spyware named “InvisiMole” that was on its job for the last 5 years! In the world of malware, there are lots of advanced masterpieces that are able to hide its identity and perform illegal actions without any notification for a long time.
0 kommentar(er)
