Linux malware backdoors supercomputers

ESET researchers discovered Kobalos, a malware that has been attacking supercomputers – high performance computer (HPC) clusters – as well as other targets such as a large Asian ISP, a North American endpoint security vendor, and several privately held servers. “Perhaps unrelated to the events involving Kobalos, there were multiple security incidents involving HPC clusters […]

Continue Reading

Sunburst backdoor – code overlaps with Kazuar

Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named “Dark Halo”. FireEye did not link this activity to any known actor; […]

Continue Reading

Lazarus covets COVID-19-related intelligence

As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that actors, such as the Lazarus group, are going after intelligence that could help these efforts by attacking entities related to COVID-19 research. While tracking the Lazarus group’s continuous campaigns targeting […]

Continue Reading