Spyware is inherently intriguing, primarily because of the complexity that lets it carry out its malicious plans, and breaking that complexity down is something security researchers do on a regular basis. However, a unique piece of spyware with a remarkable 80 distinct components and all kinds of tricks has been discovered by a group of analysts after it remained hidden for half a decade.
In a recent talk at the Kaspersky Security Analyst Summit in Singapore, researcher Alexey Shumin shed light on the firm’s groundbreaking discovery of an adaptable Swiss Army spyware framework called TajMahal.
As the name suggests, Swiss Army spyware comprises a vast array of tools and plugins for carrying out various espionage tasks. With 80 distinct modules, which include not just standard ones like keylogging and screen-grabbing but also completely new tools, TajMahal is a wonder to behold.
According to Shumin, the malicious software toolkit can perform a range of tasks, from intercepting documents in a printer queue to stealing specific files via USB transfer. Additionally, the software does not bear any indication whatsoever of belonging to any known group of state-sponsored hackers, which makes it all the more mysterious.
Shumin went on to describe the firm’s discovery of the spyware last fall, which came about when it detected the spyware’s activity on the systems of a Central Asian country’s embassy. He declined to name the country, but he did state that there were definitely other victims out there.
“It seems highly unlikely that such a huge investment would be undertaken for only one victim,” he wrote.
What is equally intriguing is how such an immense piece of software managed to stay under wraps for so long. Shumin has termed it an advanced persistent threat (APT), one that not only has a whole host of new features but also a completely unique codebase. It seems implausible that something like this could have evaded scrutiny for five whole years.
As Shumin wrote, “It is a reminder to the cybersecurity community that we never really have full visibility of everything that is going on in cyberspace.”