A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #29070  by free_mind
 Fri Aug 19, 2016 2:00 pm
Hawkeye commercial spyware provides a variety of tools for the attackers, in addition to malware anonymity from attribution. It initiates by self-deploying and configuring persistence, while using anti-debugging and timeout techniques, then starts collecting data from the victim's device, such as passwords, keystrokes and screenshots. Finally, it sends the collected data to the attackers. Attached are 6 samples of the Hawkeye malware used in Operation Ghoul, which mainly targets industrial, engineering and manufacturing organizations in more than 30 countries.

Details: https://securelist.com/blog/research/75 ... nizations/