Focus on DroxiDat/SystemBC
Malware Analysis, News and Indicators - Latest topics malware.news
Recently we pushed a report to our customers about an interesting and common component of the cybercrime malware set – SystemBC. And, in much the same vein as the 2021 Darkside Colonial Pipeline incident, we found a new SystemBC variant deployed to a critical infrastructure target. This time, the proxy-capable backdoor was deployed alongside Cobalt Strike beacons in a south African nation’s critical infrastructure.
Kim Zetter closely reviewed the preceding Colonial Pipeline incident in her BlackHat 2022 keynote “Pre-Stuxnet, Post-Stuxnet: …