ESET Security researchers have discovered a new malware (Gazer) campaign targeting governments, ministries and embassies worldwide to spy on governments and diplomats.
Gazer is active since 2016 and is thought to be carried out by Turla advanced persistent threat (APT) hacking group that’s been previously associated with Russian intelligence.
ESET’s security researchers are the first in the world to document the advanced malware, which they have called “Gazer”, in spite of evidence that it has been actively deployed in targeted attacks against governments and diplomats since at least 2016.
According to ESET researchers:
“Gazer’s success can be explained by the advanced methods it uses to spy on its intended targets, and its ability to remain persistent on infected devices, embedding itself out of sight on victim’s computers in an attempt to steal information for a long period of time.”
“ESET researchers have discovered that Gazer has managed to infect a number of computers around the world, with the most victims being located in Europe.”
The difference between Gazer and past creations of the Turla cyberespionage group become clear when the malware is analyzed. The malware makes extra attempts to avoid detection by modifying strings within its code, randomizing markers, and cleaning files securely.
All organizations are recommended to take today’s sophisticated threats serious and adopt a layered defense to decrease the risks of a security breach.