Unmasking Advanced Persistent Threats: The Evolution of Careto’s Malware and Techniques

The Careto group reemerges after a decade with updated cyberespionage tactics

According to a recent report by Kaspersky, the Careto group, an advanced persistent threat (APT), has launched two new cyber espionage campaigns that were focused on organizations in Latin America and Central Africa. The attack involved sophisticated techniques such as recording audio, stealing files and data, and controlling infected devices. Careto is known for targeting government, diplomatic, energy, and research organizations.

Kucherin from Kaspersky’s GReAT security research team stated that Careto has been developing malware with a high level of complexity over the years. The newly discovered implants had unique and sophisticated deployment tactics and techniques, highlighting the advanced nature of Careto’s operations. Kucherin added that they would continue to closely monitor the activities of this threat actor as they expect the discovered malware to be used in future attacks by the Careto group.

The victims targeted by Careto’s implants in this latest attack belonged to an organization located in Latin America and another one in Central Africa. These implants had multimodal capabilities, allowing for microphone recording, file theft, harvesting of system information, usernames, passwords, and login data from browsers and messaging applications.

To spread laterally within an organization's network, Careto exploited a vulnerability in a security solution and abused it to distribute malicious implants to multiple devices. After compromising email servers running MDaemon software, the attackers deployed a backdoor that gave them full control of the network.

The recent Kaspersky report underscores the importance of ongoing vigilance and robust cybersecurity measures to protect against sophisticated cyber threats like Careto’s attacks. As we can see from this example, it is crucial for organizations to stay up-to-date on emerging threats and take proactive steps to secure their networks against potential breaches or attacks from advanced persistent threats like Careto.
