One of the most active professional -Krain Hacker Gredang Zmiy began to use a new malware called Puma in his attacks on Russia. The vehicle allows the attackers to cut off the control of violated systems in an inexplicable way, spy them, and destroy them if necessary. In this case, complex masking mechanisms make it extremely difficult to detect Puma. Cyberrose Sarias Siberroz Center Specialist Konstantin Isakov was told about this newspaper.
“Puma’s aim is to prevent the control of the attacked system. Thanks to the complex mechanisms of system infection, it is almost impossible to determine the presence of Puma.
The reason for starting the investigation of this incident, as the expert explained, was suspicious demands to external servers of the company’s computers. The use of an open -all compromise indicators made it possible to determine that these servers are associated with the Puma management and that it belongs to Zmiy.
During the examination of the wounded company network, Ten different versions of Puma were discovered, as well as other malicious software samples associated with Gsoke and Bulldog Backdoor Group, including the feature of the Backdoor Group. The discovered vehicle set provided full control to cyber criminals on the victim infrastructure.
“During the data related to the victim received during the primary intelligence, the pouring of the ZMIY Law in a different way. Investigations, the attackers have been in the infrastructure for more than a year and have dealt with Cyberpios for more than a year.
According to him, Puma’s functionality, that is, other malicious systems, is an invisible ability to load the attacked systems, which makes it very diverse in terms of damaging grouping zmiy.
Pouring ZMIY Hackers first came to the opinion of Solar 4ras analysts at the beginning of last year. According to the results of the 2024, 34% of the events investigated by the center are associated with the activities of this team. The main profile of ZMİY is attacks that aim to damage cyber and Russian infrastructure. Grouping constantly changes its methods and tools by updating the ammunition. Isakov described Zmiy’s shedding as “a serious threat to Russian companies”.
At the beginning of the Ministry of Interior induced Russians about the hacking of Keenetik Wi-Fi Roters.
What are you thinking?
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.