The New Phishing Campaign Exploits Apple and Word Formats to Deliver Malicious Software Written in NIM Programming Language |
---|
Netskope emphasizes that the utilization of non-standard languages in developing malicious software poses challenges for cybersecurity experts. |
A recent surge in attackers’ interest in the NIM programming language is observed, as they are either creating new tools from scratch using this language or porting existing versions of their malicious programs. Notable examples of such tools include Nimzaloader, Nimbda, Icexloader, as well as the Dark Power and Kanti families of ransomware.
The attack campaign under scrutiny initiates with a phishing email containing a Word document attachment, disguised as an investment opportunity.
Backdoors can be embedded within software both during its development phase and, at times, even when it is operational (e.g., through the use of malicious software). These backdoors can serve purposes such as espionage and remote system/device control.