Symantec: ‘Seedworm’ Cyber Espionage Group Uses Backdoor to Launch Attacks on Agencies, Telecoms

Symantec has found that a new cyber espionage group called Seedworm has been launching cyber attacks on dozens of government agencies, telecommunications, multinational organizations, oil and gas firms and other institutions worldwide since late September.

Seedworm, also known as Zagos or Muddywater, collects intelligence data on targets across the Middle East and uses a new backdoor to compromise systems, Symantec said Tuesday.

The cyber attackers appear to employ open-source tools to gain access to Windows authorization credentials and deploy a tool to steal passwords in users’ email and web browsers in order to gather actionable data.

Researchers from Symantec’s DeepSight Managed Adversary and Threat Intelligence team also discovered that the group uses GitHub and customizes publicly available tools to launch attacks, and that it has updated its backdoor since last year to prevent detection.
