Ferocious Kitten APT Deploying MarkiRAT to Capture Keystroke and Clipboard Logging

Source: Cyber Security News

Ferocious Kitten has operated since at least 2015, focusing on espionage against targeted individuals in Iran. Its sophisticated custom implant, MarkiRAT, relies on weaponized Microsoft Office documents and social engineering to manipulate victims into executing it. Once activated, the malware collects sensitive data through keystroke logging, clipboard capture, and credential harvesting, and it uses evasion tactics such as a Unicode trick to disguise malicious files.

The group targets dissidents and activists to establish a foothold within their systems. MarkiRAT is designed to blend in with legitimate applications, improving its chances of remaining undetected. Research shows that the malware is capable of circumventing security software and systematically exfiltrating sensitive data, including secrets stored in applications like KeePass. With its ongoing focus on intelligence gathering, Ferocious Kitten continues to pose a significant and evolving threat to its targets globally.

👉 Read the original: Cyber Security News