Kaspersky Urges Caution over Trojan Threat to Middle Eastern Networks

The company said it had found the latest attempt by hackers to spread the "Milum" trojan that seizes control of devices. According to a senior researcher, the attacks appear aimed at gathering information, although there is no way of knowing what will happen as the campaign develops.



Cybersecurity firm Kaspersky announced recently that it had discovered an operation by malicious actors to secretly plant malware in devices, including in the industrial sector. The campaign, dubbed "WildPressure," is said to mainly target networks in the Middle East.

Kaspersky said in a press release that its global research and analysis team had found the latest attempt by hackers to spread the "Milum" trojan that seizes control of devices. The company first discovered the trojan in August 2019, it said.   

According to Kaspersky, the trojan is a type of advanced persistent threat (APT) attack typically carried out by actors with significant professional and financial resources. 

"Any time the industrial sector is being targeted, it’s concerning. Analysts need to pay attention because the consequences of an attack against an industrial target can be devastating," Kaspersky Senior Security Researcher Denis Legezo was quoted as saying.

The trojan, once installed, is said to be able to collect and send data from the attacked device, download and execute commands, and upgrade itself.  

"So far, we haven’t seen any clues that would support the idea that the attackers behind WildPressure have intentions beyond gathering information from the targeted networks. However, this campaign is still actively developing; we’ve already discovered new malicious samples apart from the three originally discovered," said Legezo.

"At this point, we don’t know what will happen as WildPressure develops, but we will be continuing to monitor its progression."

The company said its experts recommend that companies train their staff on basic cybersecurity hygiene, provide their security teams with the latest threat intelligence, update all software regularly, and use a proven security solution for protection against known and unknown threats in order to avoid falling victim to such attacks.