Hackers target cryptocurrency and commodities platforms using Evilnum malware

On Thursday, the advanced persistent threat (APT) actor tracked as Evilnum is once again exhibiting signs of renewed activity targeted at European financial and investment entities.

According to a report shared by Hacker News, American enterprise security company Proofpoint said, “Evilnum is a backdoor that can be used for data theft or to load additional payloads. The malware includes multiple interesting components to evade detection and modify infection paths based on identified antivirus software.”

Targets include organizations with operations supporting foreign exchanges, cryptocurrency, and decentralized finance (DeFi). The latest series of attacks is said to have started in late 2021.

According to Hacker News, the findings also dovetail with a report from Zscaler last month that detailed low-volume targeted attack campaigns launched against companies in Europe and the U.K.

Active since 2018, Evilnum is tracked by the wider cybersecurity community under the names TA4563 and DeathStalker, with infection chains culminating in the deployment of the eponymous backdoor that’s capable of reconnaissance, data theft, or fetching additional payloads.

“The latest set of activities flagged by Proofpoint incorporate updated tactics, techniques, and procedures (TTPs), relying on a mix of Microsoft Word, ISO, and Windows Shortcut (LNK) files sent as email attachments in spear-phishing emails to the victims,” a source said, as per Hacker News.

