Mercenary Hacking Group Selling Spyware

Uploaded on 2022-08-02 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Microsoft has identified a spyware called Subzero which has been used to hack law firms, banks and strategic consultancies in countries such as Austria, the UK and Panama. In particular, Microsoft has been investigating an Austrian private-sector firm that it believes is operating illegal offensive security services on behalf of clients in a similar fashion to NSO Group and its Pegasus spyware.

Vienna-based DSR Decision Supporting Information Research Forensic (DSIRF) presents itself as a professional services company with clients across high-value industries, but investigations have revealed it is offering spyware and malware services to clients.

The company has been observed putting together Windows zero day exploits and Adobe products to deploy its Subzero malware, which enables spying on targeted individuals. Victims include businesses in the UK, Austria, and Panama, and span industries such as banking, law firms, and strategic consultancies, according to Microsoft.

Microsoft has concluded that the company is operating an unauthorised, mercenary offensive security operation similar to that of NSO Group, and has given the threat actor the codename Knotweed.

The group is highly secretive and only reveals the full extent of its capabilities to clients in exclusive meetings. There is no clear evidence that it operates a genuine professional services operation as it claims to and there are suspicions that the Austrian firm has ties to the Russian government agencies

Microsoft’s investigation has focused on the Subzero malware the DSIRF makes available to clients. The malware Microsoft observed was packaged in a PDF doc sent to a victim via email  and Microsoft say that  Subzero can be deployed in several different ways, making use of a remote code execution (RCE) vulnerability in Adobe Reader, coupled with a now-patched privilege escalation exploit in Windows (CVE-2022-22047). 

Microsoft:     ITPro:      Netzpoiltik:    Silicon Republic:       Yahoo:    Cybersecurity.News

You Might Also Read: 

Revealed: Top Secret Israeli Hackers For Hire:

 

« For Sale: 5.4m Twitter Users’ Data
Google Chrome Extension Used To Steal Emails »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Janusnet

Janusnet

Janusnet develops software and solutions for organisations to enforce and manage data security.

Kualitatem

Kualitatem

Kualitatem Inc. is an independent software testing and information systems auditing company

Intertek Group

Intertek Group

Intertek Group provides Assurance, Testing, Inspection and Certification services. Activities include cybersecurity testing and certification.

Thinklogical

Thinklogical

Thinklogical manufactures secure, KVM, video, audio, and computer peripheral signal switching solutions for defence C4ISR applications.

Eperi

Eperi

Eperi is a leading provider of Cloud Data Protection (CDP) solutions with 15 years of experience in data encryption for databases, (SaaS) applications and files.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

Verificient Technologies

Verificient Technologies

Verificient Technologies specializes in biometrics, computer vision, and machine learning to deliver world-class solutions in continuous identity verification and remote monitoring.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

Inversion6

Inversion6

Inversion6 (formerly MRK Technologies) is a cybersecurity risk management provider that offers custom security solutions.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.

Chestnut Hill Technologies (CHT)

Chestnut Hill Technologies (CHT)

CHT provide Best Practices IT Cybersecurity and Technology Solutions and Consulting Support to the Mid Cap through Fortune 1000 Nationwide.

IT Solutions Consulting

IT Solutions Consulting

IT Solutions is a full-service IT partner providing managed services and other information technology solutions nationwide.

Loccus AI

Loccus AI

Loccus are developers of AI solutions in the voice safety space. We build identity verification solutions, deepfake detection systems and fraud protection products for companies and end-users.

TeamSystem

TeamSystem

TeamSystem is a leading tech company in the market for digital business management solutions for companies and professionals.

ColCERT

ColCERT

ColCERT is the national cybersecurity emergency response team of Colombia.