The Chinese-backed Hafnium hacking group has been linked to a new malware attack.
Research has shown that the threat actor deleted the [Security Descriptor] value within the tree registry path. A security descriptor defines access controls for running the scheduled tasks.
The threat actor is said to have targeted entities in the telecommunication, internet service provider and data services sectors from August 2021 to February 2022.
The threat actor has also created a task using the Tarrask malware to reestablish any lost connection from its CnC(Command and Control) server. This reestablishing connection feature of the malware makes it really lethal for targeted devices.
Install NPAV on your device to keep them safe and secure from all kinds of cyber threats and malware actors. NPAV ensure best-in-class security for your devices and networks.
Use NPAV and join us on a mission to secure the cyber world.