Check Point researchers recently asserted that an APT team was behind the hacking operation Dark Caracal. But the company’s security experts have now revealed a new series of attacks against many enterprises and organizations.
The Dark Caracal operation was conducted by an APT team that is linked to Lebanon. It has returned with new attacks in which it uses a new version of a backdoor Trojan called “Bandook,” which has been in use for 13 years, to attack several targets all over the world.
Check Point's cybersecurity experts reported that over the past year, dozens of variants of this malware have started to reappear in the threat landscape. Before this, Bandook was last detected in hacking campaigns in 2015 and 2017.
Infection Chain
The infection chain keeps evolving, but the attack’s full infection chain can be split into three main stages. The initial stage starts with a malicious Microsoft Word document delivered inside a…