Friday, Jul 10, 2026
English News
  • Hyderabad
  • Telangana
  • AP News
  • India
  • World
  • Entertainment
  • Sport
  • Science and Tech
  • Business
  • Rewind
  • ...
    • NRI
    • View Point
    • cartoon
    • My Space
    • Education Today
    • Reviews
    • Property
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • My Space
  • Reviews
  • Education Today
  • Property
  • Lifestyle
Home | Science & Tech | Rare Spy Malware Hits Diplomats Of Ngos From Asia Europe

Rare spy malware hits diplomats of NGOs from Asia, Europe

Based on the affiliation of the discovered victims, the researchers at cyber security firm Kaspersky were able to determine that the malware campaign known as "MosaicRegressor" was used in a series of targeted attacks.

By IANS
Updated On - 11 October 2020, 03:46 PM
Rare spy malware hits diplomats of NGOs from Asia, Europe
whatsapp facebook twitter telegram

New Delhi: A rare spy malware has hit diplomats and members of NGOs from Asia, Africa and Europe in a series of targeted cyber attacks, including spear-phishing documents in Russian language while some were related to North Korea and used as a lure to download malware.

Based on the affiliation of the discovered victims, the researchers at cyber security firm Kaspersky were able to determine that the malware campaign known as “MosaicRegressor” was used in a series of targeted attacks.


The campaign has so far not been linked “to any known advanced persistent threat (APT) actors”.

The researchers uncovered the APT espionage campaign that uses a very rarely seen type of malware known as a firmware bootkit.

The UEFI bootkit used with the malware is a custom version of Hacking Team’s bootkit leaked in 2015.

“Although UEFI attacks present wide opportunities to the threat actors, MosaicRegressor is the first publicly known case where a threat actor used a custom made, malicious UEFI firmware in the wild,” said Mark Lechtik, senior security researcher at Global Research and Analysis Team (GReAT) at Kaspersky.

“This attack demonstrates that, albeit rarely, in exceptional cases actors are willing to go to great lengths in order to gain the highest level of persistence on a victim’s machine”.

UEFI firmware is an essential part of a computer, which starts running before the operating system and all the programs installed in it.

If UEFI firmware is somehow modified to contain malicious code, that code will be launched before the operating system, making its activity potentially invisible to security solutions.

Kaspersky researchers found a sample of such malware used in a campaign that deployed variants of a complex, multi-stage modular framework dubbed as MosaicRegressor.

“The framework was used for espionage and data gathering with UEFI malware being one of the persistence methods for this new, previously unknown malware,” the researchers explained.

The malware initially installed on the infected device is a Trojan-downloader, a programme capable of downloading additional payload and other malware.

“Depending on the payload downloaded, the malware could download or upload arbitrary files from/to arbitrary URLs and gather information from the targeted machine”, the findings showed.

“The use of leaked third-party source code and its customization into a new advanced malware once again raises yet another reminder of the importance of data security,” said Igor Kuznetsov, principal security researcher at Kaspersky’s GReAT.

“Once software — be it a bootkit, malware or something else — is leaked, threat actors gain a significant advantage,” he added.

  • Follow Us :
  • Tags
  • Africa
  • Asia
  • Corona Virus Deaths
  • Coronavirus

Related News

  • Telangana retired engineers say Kannepalli pumps can be operated, offer voluntary services

    Telangana retired engineers say Kannepalli pumps can be operated, offer voluntary services

  • Konda Surekha challenges Kadiyam Srihari to resign if he is still with BRS

    Konda Surekha challenges Kadiyam Srihari to resign if he is still with BRS

  • Shailesh Vagerwal assumes charge as Chairman and MD of BDL

    Shailesh Vagerwal assumes charge as Chairman and MD of BDL

  • Telangana HC grants conditional bail to Bandi Bageerath in POCSO case

    Telangana HC grants conditional bail to Bandi Bageerath in POCSO case

Latest News

  • Abhinandh PB, Bernadette Szocs lead Goa Challengers to winning start in UTT Season 7

    4 hours ago
  • FIFA WC 2026: Seventeen players risk semifinal suspension over yellow cards

    4 hours ago
  • Humpy, Divya and Vaishali to lead India’s challenge at 2026 Cairns Cup in Saint Louis

    4 hours ago
  • Shreyas Iyer’s unbeaten 80 lifts India to 158/7 against England in fourth T20I

    5 hours ago
  • Wimbledon 2026: Linda Noskova sets up all-Czech final against Karolina Muchova

    5 hours ago
  • MAUD sanctions Rs 77.31 crore to upgrade 404 traffic signals in Hyderabad

    5 hours ago
  • Anvita Khammam Aces beat Hyderabad E-Champions by 10 runs

    5 hours ago
  • Iran condemns US strikes on maritime infrastructure at IMO meet

    5 hours ago

company

  • Home
  • About Us
  • Contact Us
  • Privacy Policy

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

  • Telangana Today Telangana Today
Telangana Today Telangana Today

© Copyrights 2024 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam