Blog | G5 Cyber Security

Trojan-Riddled WinRAR, Winbox, IDM Spreads StrongPity Spyware

Some versions of WinRAR file compression tool and Winbox software for managing MikroTik users have been tampered with to install malware serving an advanced threat actor. The operation has been attributed with high confidence to StrongPity, an APT-level adversary that specializes in watering hole attacks for cyberespionage purposes. The group, also known as Promethium, has been active longer than that, though, since at least 2012, and used zero-day vulnerabilities in spearphishing attacks.

Source: https://www.bleepingcomputer.com/news/security/trojan-riddled-winrar-winbox-idm-spreads-strongpity-spyware/

Exit mobile version