PowerPepper

  • First known sample

    2020
  • Discovery

    2020
  • Number of targets

    1-100
  • Current status

    Active
  • Type

    Backdoor
  • Targeted platforms

    Windows
  • TOP targeted countries

    Central Asia, Europe, North America
  • Connected attacks

  • The way of propagation

    File infection
  • Artefacts/Attribution

    This backdoor was created by DeathStalker, an APT actor offering hacking-for-hire services.

  • Description

    This new custom backdoor by DeathStalker, the APT actor offering hacking-for-hire services, was first spotted in August 2020. Typically spread via spearphishing emails, the backdoor deploys several evasion techniques, including steganography, encryption, and custom obfuscation, to avoid detection. It has been seen primarily in Europe, with a couple of cases in Asia and the Americas, and is most likely targeting law consultancy and financial firms.
