Security experts at security firm Intezer have recently discovered backdoor, associated with the operation of the Iron cybercrime group, that is based on the leaked source code of Remote Control System (RCS) The group has been active since at least 2016, is known for the Iron ransomware but across the years it is built various strain of malware, including backdoors, cryptocurrency miners, and ransomware to target both mobile and desktop systems. The new backdoor analyzed by the experts uses an installer protected with VMProtect and compressed using UPX.”]
Source: https://securityaffairs.co/wordpress/73211/cyber-crime/iron-cybercrime-group-hackingteam.html