It's hard enough creating one air-gap-jumping tool. GoldenJackal did it 2x in 5 years.
Researchers have unearthed two sophisticated toolsets that a nation-state hacking group, possibly from Russia, used to steal sensitive data stored on air-gapped devices, meaning those that are deliberately isolated from the Internet or other networks to safeguard them from malware.
One of the custom tool collections was used starting in 2019 against a South Asian embassy in Belarus. A largely different toolset created by the same threat group infected a European Union government organization three years later. Researchers from ESET, the security firm that discovered the toolkits, said some of the components in both were identical to those fellow security firm Kaspersky described in research published last year and attributed to an unknown group, tracked as GoldenJackal, working for a nation-state. Based on the overlap, ESET has concluded that the same group is behind all the attacks observed by both firms.