Analysis of FinFisher malware used by NEODYMIUM group
Published Mar 01 2018 08:15 PM 2,205 Views



Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons:

  • Its access to sophisticated zero-day exploits for Microsoft and Adobe software
  • Its use of an advanced piece of government-grade surveillance spyware FinFisher, also known as FinSpy and detected by Microsoft security products as Wingbird

FinFisher is such a complex piece of malware that, like other researchers, we had to devise special methods to crack it.


Read the rest of the post


Version history
Last update:
‎Mar 01 2018 09:06 PM
Updated by: