Latest Target Attack of DarkHydruns Group Against Middle East
released on 2019-01-16 @ 02:21:02 PM
360 Threat Intelligence Center captured several lure Excel documents written in Arabic in January 9, 2019. A backdoor dropped by macro in the lure documents can communicate with C2 server through DNS tunnel, as well as Google Drive API.
We confirmed that this is a DarkHydrus Group’s new attack targeting Middle East region.