Crimeware / APT Malware Masquerade as Santa Claus and Christmas Apps

CloudSek warns of new, seasonal malware threat.
CloudSek monitors were researching the activities of an APT [Advanced persistent threat ] that is targeting software companies globally. What is interesting is this APT appear to conduct widespread intellectual property theft for economic gains, targeted individuals as well as performed intelligence gathering that would be useful for governments. Based on our analysis , the attacker have recently launched campaigns to target Christmas season. Malware masquerades as Santa Claus and many similar Christmas Apps.
Brief Overview :
CloudSek was monitoring an underground hacking team, that was selling a Desktop malware in various underground forums. The desktop malware is specifically designed for jumping air-gapped systems , and given the type of documents the attackers are seeking , it was collecting classified data from software companies and government organisations.
The desktop malware after successful installation proceeds to callback to its controllers located in Germany . The main attraction of this Trojan is the capability to collect data from airgapped systems. The trojan gathers system information and disk information and sends that to the controller. The malware collects two sets of data.
To read the entire article, please click here.