July 1, 2025

Researchers Uncover Covert Attack Campaign Targeting Military Contractors – The Hacker News


by admin / Sunday, 09 October 2022 / Published in Uncategorized

A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines.
The highly-targeted intrusions, dubbed STEEP#MAVERICK by Securonix, also targeted a strategic supplier to the F-35 Lightning II fighter aircraft.
“The attack was carried out starting in late summer 2022 targeting at least two high-profile military contractor companies,” Den Iuzvyk, Tim Peck, and Oleg Kolesnikov said in an analysis.
Infection chains begin with a phishing mail with a ZIP archive attachment containing a shortcut file that claims to be a PDF document about “Company & Benefits,” which is then used to retrieve a stager — an initial binary that’s used to download the desired malware — from a remote server.
This PowerShell stager sets the stage for a “robust chain of stagers” that progresses through seven more steps, when the final PowerShell script executes a remote payload “header.png” hosted on a server named “terma[.]app.”
“While we were able to download and analyze the header.png file, we were not able to decode it as we believe the campaign was completed and our theory is that the file was replaced in order to prevent further analysis,” the researchers explained.
“Our attempts to decode the payload would only produce garbage data.”
What’s notable about the modus operandi is the incorporation of obfuscated code designed to thwart analysis, in addition to scanning for the presence of debugging software and halting execution if the system language is set to Chinese or Russian.
The malware is also designed to verify the amount of physical memory, and once again terminate itself if it’s less than 4GB. Also included is a check for virtualization infrastructure to determine if the malware is being executed in an analysis environment or sandbox.
But if this test fails, rather than simply quitting the execution, the malware disables system network adapters, reconfigures Windows Firewall to block all inbound and outbound traffic, recursively deletes data in all drives, and shuts down the computer.
Should all these checks pass, the PowerShell stager proceeds to disable logging, add Windows Defender exclusions for LNK, RAR, and EXE files, and establish persistence via a scheduled task or Windows Registry modifications.
“Overall, it is clear that this attack was relatively sophisticated with the malicious threat actor paying specific attention to OPSEC,” the researchers noted. “While this was a very targeted attack, the tactics and techniques used are well known and it is important to stay vigilant.”
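As an added example (not from the original article or from Securonix), the following detection logic flags the Windows Defender exclusion step described above, run over constructed PowerShell script block log records. The cmdlet form it matches, the host names and the record layout are assumptions.

```python
import re

# Extensions the article says the stager excluded from Windows Defender scanning.
RISKY_EXTENSIONS = {"lnk", "rar", "exe"}

# Add-MpPreference / Set-MpPreference with -ExclusionExtension are real Defender
# cmdlets; that the stager used exactly this form is an assumption.
EXCLUSION_RE = re.compile(
    r"\b(?:Add|Set)-MpPreference\b[^|;\n]*?-ExclusionExtension\s+([^|;\n]+)",
    re.IGNORECASE,
)

def excluded_extensions(script_text):
    """Return the set of extensions a script block adds as Defender exclusions."""
    found = set()
    for match in EXCLUSION_RE.finditer(script_text):
        # Cut the argument off at the next parameter (e.g. " -Force").
        args = re.split(r"\s+-\w+", match.group(1), maxsplit=1)[0]
        # The value may be a comma-separated list, quoted, an @() array, with dots.
        for token in args.split(","):
            ext = token.strip().strip("'\"@()").strip().lstrip("*.").lower()
            if ext:
                found.add(ext)
    return found

def flag_events(events):
    """Return (host, risky extensions) for each event that excludes a risky type."""
    alerts = []
    for event in events:
        risky = excluded_extensions(event["script"]) & RISKY_EXTENSIONS
        if risky:
            alerts.append((event["host"], sorted(risky)))
    return alerts

# Constructed sample records shaped like script block logging (event ID 4104).
SAMPLE_EVENTS = [
    {"host": "ws-014", "script": "Add-MpPreference -ExclusionExtension '.lnk','.rar','.exe' -Force"},
    {"host": "ws-022", "script": "add-mppreference -exclusionextension exe"},
    {"host": "build-03", "script": "Add-MpPreference -ExclusionExtension '.log'"},
    {"host": "ws-031", "script": "Get-MpPreference | Select-Object ExclusionExtension"},
]

if __name__ == "__main__":
    for host, exts in flag_events(SAMPLE_EVENTS):
        print(f"{host}: Defender exclusion added for {', '.join(exts)}")
```

Because the article notes the stager also disables logging, script block records may be missing on an affected host; comparing the current exclusion list against a known-good baseline covers that gap.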