Researchers from European cybersecurity vendor ESET have found previously undocumented custom backdoors and tools used by a relatively new APT group called Polonium.

First discovered in June 2022 by the Microsoft Threat Intelligence Center (MSTIC), Polonium is a highly sophisticated, currently active hacking group, which appears to be exclusively targeting Israeli organizations for cyber-espionage purposes – they have not so far deployed sabotage tools such as ransomware or wipers.

ESET’s findings, presented at the Virus Bulletin 2022 conference in late September and published on October 11, 2022, show that Polonium has targeted more than a dozen organizations since at least September 2021. The group’s most recent actions were observed in September 2022. Their victims include companies in engineering, information technology, law, communications, branding and marketing, media, insurance and social services. Microsoft researchers have linked Polonium to Lebanon and assessed the group has ties with Iran's Ministry of Intelligence and Security (MOIS).

Polonium has developed custom tools for taking screenshots, logging keystrokes, spying via webcam, opening reverse shells, exfiltrating files and more.