Washington, D.C., December 17, 2024 – The Mask APT resurfaces with an advanced malware arsenal, targeting high-profile organizations across platforms, exploiting email servers and legitimate tools.
After years of silence, the infamous Mask APT has resurfaced, unleashing a sophisticated multi-platform malware arsenal targeting organizations across Latin America.
Cybersecurity experts at Kaspersky have confirmed this legendary threat actor, active since 2007, has evolved with unprecedented stealth and innovation.
The Mask, also known as Careto, has targeted governments, research institutions, and diplomatic entities with highly advanced malware for Windows, macOS, Android, and iOS.
The latest attack, seen in 2022, utilized spear-phishing emails to gain entry into systems, followed by persistence via MDaemon webmail servers and malicious extensions.
This APT is a master of reinvention. Its ability to exploit legitimate software like HitmanPro drivers for malware injection makes it extremely dangerous.
Kaspersky revealed Mask’s use of implants like FakeHMP, capable of reconnaissance, file manipulation, and malware deployment. Their Golang-based framework Goreto also emerged as a standout, pulling commands from Google Drive to perform data theft, keystroke logging, and remote execution.
One victim of Mask’s attacks, a government cybersecurity officer, stated:
“This malware bypassed layers of defense. It felt like we were blindsided by an invisible enemy.”
The group’s persistence techniques, including driver-based payload injections and complex modular malware, highlight its ability to adapt to modern defenses. Mask remains a formidable player in the cyber-espionage landscape, capable of compromising systems with alarming precision.