headlinez.news Live news trend intelligence
▲ Peaking Technology 🔮 headlinez.news predicts: fades by tomorrow

Russian hackers trojanize WebEx, Zoom apps to push Starland malware

Security researchers have identified a sophisticated malware campaign targeting corporate users through compromised WebEx and Zoom installation files.

5sources
5articles
3velocity
+0%since first seen
15h agofirst detected

Velocity

How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →

The brief

A campaign linked to Russian threat actors is utilizing trojanized installers for popular business communication tools, WebEx and Zoom, to deploy the Starland remote access trojan (RAT). The operation also utilizes a bespoke WLDR command-and-control implant to facilitate the activity.

Coverage from BleepingComputer, IT Pro, Security Affairs, Intelligent CISO, and the Cisco Talos Blog emphasizes the deployment of the UAT-11795 threat group. Reports highlight that this financially motivated campaign is actively impacting organizations across the United States and Europe.

Future developments hinge on mitigation efforts by Cisco and other security entities. Coverage does not yet specify the total reach of the infection or the specific financial targets of the UAT-11795 group.

Synthesized by headlinez.news from the headlines below under a strict no-invention contract. Updated 11m ago.

Quick answers

What software is being exploited in this campaign?

The campaign uses trojanized installers for the business communication applications WebEx and Zoom.

What malware is associated with these attacks?

The attacks deploy the Starland remote access trojan and a bespoke WLDR command-and-control implant.

Who is behind the campaign?

Cisco Talos attributes the activity to a group identified as UAT-11795, reportedly based in Russia.

Coverage (5)

Topics

Related trends