It hides in network communications, in all the noise—designed so that defenders can neither detect nor characterize its activity. But its purpose is transparent: to use Twitter, GitHub, and cloud storage services to relay commands and extract data from compromised networks.
Download the report and read about the recently discovered HAMMERTOSS, a malware backdoor created by the Russian advanced persistent threat (APT) group APT29.
How HAMMERTOSS works—the five stages, from looking for a Twitter handle to executing commands, including uploading a victim’s data to cloud storage services
Who APT29 is—their history, targets and methodology
Why it’s difficult to detect HAMMERTOSS
Download the report now.
Uncovering a Malware Backdoor that Uses Twitter
HAMMERTOSS: Stealthy Tactics Define a Russian Cyber Threat Group