The group behind Evilnum malware, that targets financial institutions, appears to be testing new techniques.
ESET researchers published an analysis of advanced persistent threat (APT) group Evilnum, known for developing malware of the same name. A detailed look at its activity reveals an evolved toolset and infrastructure that combine custom malware with tools bought from malware-as-a-service (MaaS) providers.
Evilnum has been around for at least two years, according to Matías Porolli, a malware researcher at ESET, which has been tracking the malware’s operations since April. The group has historically targeted financial technology companies that offer training and investment platforms. Its attacks are few in number but very specific. This, combined with Evilnum’s use of legitimate tools in its activity, has helped the group fly mostly under the radar.
Source: Dark Reading