Farseer: Previously Unknown Malware Family bolsters the Chinese armoury
released on 2019-02-26 @ 06:34:32 PM
Last year, Unit 42 wrote about a newly discovered espionage Android malware family, HenBox, which had countless features for spying on its victims – primarily the Uyghur population – including interaction with Xiaomi IoT devices and the Chinese consumer electronics manufacturer’s smartphones.
Through investigations into infrastructure used by HenBox malware, Unit 42 has discovered another malware family, which they named ‘Farseer’, built for the more frequently targeted Microsoft Windows operating system. Like HenBox, Farseer has infrastructure ties to other malware, such as Poison Ivy, Zupdax, and PKPLUG.
Unit 42 named this malware Farseer due to a string found in the PDB path embedded within the executable files.