Analysis of FinFisher malware used by NEODYMIUM group
Published Mar 01 2018 08:15 PM
Microsoft

Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons:

  • Its access to sophisticated zero-day exploits for Microsoft and Adobe software
  • Its use of FinFisher, an advanced piece of government-grade surveillance spyware also known as FinSpy and detected by Microsoft security products as Wingbird

FinFisher is such a complex piece of malware that, like other researchers, we had to devise special methods to crack it.

 

Last update: Mar 01 2018 09:06 PM