Discovered Gazer malware, the Russian backdoor which spies embassies and consulates in Europe
The researchers at ESET (the largest software security manufacturer in the European Union), discovered the Russian backdoor called Gazer which is able to spy in the shadows, thanks to its advanced methods, remaining active as long as possible in infected devices. Gazer has hit mostly consulates, embassies, ministries and other public institutions in various parts of the world.
To avoid being discovered, the sophisticated malware constantly changes the strings within its code, randomizes the markers and deletes the files safely.
With attacks on embassies and ministries, Gazer embodies the main features of the cyber-espionage campaign attributed to Turla, a presumed Russian operation that has targeted military and intelligence organizations in the last eight years, infecting hundreds of computers.
These campaigns use spear-phishing techniques to deploy a first-stage backdoor, alongside a second-tier backdoor that captures the information from the infected computer and sends it to the cybercriminal group by connecting to C & C servers.
All organizations, from institutional, diplomatic, supervisory, private companies, are at risk and should employ additional security measures in order to avoid violating their security systems.