Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into high-profile military and diplomatic entities in Eastern Europe for espionage.
The findings are part of a collaborative analysis by cybersecurity firm ESET and the impacted firms, resulting in an extensive look into InvisiMole’s operations and the group’s tactics, tools, and procedures (TTPs).
“ESET researchers conducted an investigation of these attacks in cooperation with the affected organizations and were able to uncover the extensive, sophisticated tool-sets used for delivery, lateral movement, and execution of InvisiMole’s backdoors,” the company said in a report shared with The Hacker News.
Cooperation with the Gamaredon Group
First discovered in 2018, InvisiMole has been active since at least 2013 in connection with targeted cyber-espionage operations in Ukraine and Russia. After slipping under the radar, the threat actor returned late last year with an updated toolset and previously unreported tactics to obfuscate malware.
“InvisiMole has a modular architecture, starting its journey with a wrapper DLL, and performing its activities using two other modules…
http://feedproxy.google.com/~r/TheHackersNews/~3/FYDckKKjFFw/invisimole-hackers.html