
Hackers managed to keep their complex spyware hidden for five years

Spyware is intriguing largely because of the complexity that allows it to carry out its malicious tasks, and breaking it down is something security researchers do on a regular basis. However, a group of analysts has discovered a unique form of spyware with 80 different components and all kinds of tricks, after it remained hidden for half a decade.

In a recent talk at the Kaspersky Security Analyst Summit in Singapore, researcher Alexey Shumin shed light on the firm’s groundbreaking discovery of an adaptable Swiss Army spyware framework called TajMahal.

As the name suggests, Swiss Army spyware comprises a vast array of tools and plugins for various espionage tasks. With 80 distinct modules, which include not just standard ones like keylogging and screen-grabbing but also completely new tools, TajMahal is a wonder to behold.

According to Shumin, the malicious software toolkit can perform a range of tasks, from intercepting documents in a printer queue to stealing specific files via USB transfer. Additionally, the software does not bear any indication whatsoever of belonging to any known group of state-sponsored hackers, which makes it all the more mysterious.

Shumin went on to talk about the firm’s discovery of the spyware last fall, which came about when it was detected at the embassy of a Central Asian country that had fallen victim to it. He declined to name the country, but he did state that there were definitely other victims out there.

“It seems highly unlikely that such a huge investment would be undertaken for only one victim,” he wrote.

What is equally intriguing is how such an immense piece of software has managed to stay under wraps for such a long time. Shumin has termed it an advanced persistent threat (APT), which not only has a whole host of new features but also has a completely unique codebase. It seems implausible that something like this could have evaded scrutiny for five whole years.

As Shumin wrote, “It is a reminder to the cybersecurity community that we never really have full visibility of everything that is going on in cyberspace.”

Hamza Zakir
