SolarMarker malware is now concerning cybersecurity experts because of its severity. Researchers said the malware is shifting its tactics, using stealthy tricks to establish long-term persistence on breached systems.

SolarMarker Malware Still Active on Compromised Systems? Experts Explain Why It's Alarming

Security firm Sophos first discovered the enhanced activity of the threat actors behind the malware. The company has now detected that some of SolarMarker's remote access implants are still active on recently targeted networks.

Sophos identified the malware's content on compromised systems even though the campaign has been inactive since November 2021.

SolarMarker Malware's Linkage To Other Attacks 

According to The Hacker News' latest report, SolarMarker malware has been linked to three different security attacks. The first one was the breach back in April 2021. 


This attack fooled some business professionals into clicking malicious Google sites, which hosted SolarMarker malware installations.

Another attack linked to the malware gathered sensitive user details from the healthcare and education sectors.

"These SEO efforts, which leveraged a combination of Google Groups discussions and deceptive web pages and PDF documents hosted on compromised (usually WordPress) websites, were so effective," said Gabor Szappanos, a Sophos researcher. 

He added that this allows the SolarMarker hackers to appear at the top of search results, enabling them to trick their victims.

Other Severe Malware

Malware and other malicious content are being deployed by various hacking groups and independent cybercriminals. 

Aside from the SolarMarker malware, an Android malware campaign has also concerned security experts. Ars Technica reported that this malicious campaign can factory-reset its victims' smartphones after attacking their bank accounts.

This means it can take a long time before the victims know that their online bank accounts were actually breached.

In other news, an Apple executive shared the iPhone maker's data minimization plans to celebrate Data Privacy Day 2022. Meanwhile, a fake 2FA authenticator app was downloaded around 10,000 times. 


This article is owned by TechTimes

Written by: Griffin Davis
