FamousSparrow Strikes Again: New Backdoor Version Ruffles Feathers in Cybersecurity World
FamousSparrow, a China-linked cyberespionage group, has upgraded its signature backdoor, SparrowDoor, with a new modular version. The backdoor now boasts parallel command execution, improved stealth, and a plugin-based architecture. Meanwhile, ESET’s research hints at FamousSparrow’s access to high-tier Chinese cyber tools, signaling a potential tech upgrade for this notorious group.

Hot Take:
Looks like the FamousSparrow has upgraded its nest with a new and improved SparrowDoor backdoor, making it the Swiss Army knife of cyberespionage tools. Who knew sparrows could be so crafty? Maybe they should consider a career in construction next, given their impressive modular architecture skills!
Key Points:
- FamousSparrow has been spotted using a new, modular version of its backdoor, SparrowDoor, targeting a US-based trade organization.
- The new version includes parallel command execution and a plugin-based architecture, making it more evasive and versatile.
- ESET linked FamousSparrow to attacks on a Mexican research institute and a government institution in Honduras.
- Initial access was achieved by exploiting outdated Microsoft Exchange and Windows Server endpoints.
- FamousSparrow is using ShadowPad, a sophisticated RAT, indicating access to high-tier Chinese cyber tools.