Kaspersky’s findings identified Operation ForumTroll as an advanced persistent threat targeting government entities, media, and financial institutions in Russia. This malware campaign highlighted the resurgence of surveillance technology from Memento Labs. The attacks initiated via personalized phishing links that exploited a zero-day vulnerability in Google Chrome, leading to infections without additional actions from the victims.
Moreover, Kaspersky discovered a new spyware product named ‘Dante,’ developed by Memento Labs. While there were similarities with the ForumTroll campaign, the exact use of Dante was noted in other attacks linked to the same group. Several technical overlaps, such as shared file paths and code structures, indicate a potential connection between the malware and the spyware, shedding light on an evolving threat landscape originating from a notable spyware manufacturer.
👉 Pročitaj original: CyberScoop
