Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Top LG Promo Codes for July 2025

    July 29, 2025

    Microsoft Edge transforms into an AI browser with new Copilot Mode

    July 28, 2025

    Women’s ‘red flag’ app Tea is a privacy nightmare

    July 28, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines
    Security

    A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines

    News RoomBy News RoomOctober 12, 20242 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    The newly discovered toolkit is composed of many different building blocks, written in multiple languages and capabilities. The overall goal appears to be increased flexibility and resiliency in the event one module is detected by the target.

    “Their goal is to get hard to obtain data from air-gapped systems and stay under the radar as much as possible,” Costin Raiu, a researcher who worked at Kaspersky at the time it was researching GoldenJackal, wrote in an interview. “Multiple exfiltration mechanisms indicate a very flexible tool kit that can accommodate all sorts of situations. These many tools indicate it’s a highly customizable framework where they deploy exactly what they need as opposed to a multi purpose malware that can do anything.”

    Other new insights offered by the ESET research is GoldenJackal’s interest in targets located in Europe. Kaspersky researchers detected the group targeting Middle Eastern countries.

    Based on the information that was available to Kaspersky, company researchers couldn’t attribute GoldenJackal to any specific country. ESET has also been unable to definitively identify the country, but it did find one hint that the threat group may have a tie to Turla, a potent hacking group working on behalf of Russia’s FSB intelligence agency. The tie comes in the form of command-and-control protocol in GoldenHowl referred to as transport_http. The same expression is found in malware known to originate with Turla.

    Raiu said the highly modular approach is also reminiscent of Red October, an elaborate espionage platform discovered in 2013 targeting hundreds of diplomatic, governmental, and scientific organizations in at least 39 countries, including the Russian Federation, Iran, and the United States.

    While much of Tuesday’s report contains technical analysis that is likely to be too advanced for many people to understand, it provides important new information that furthers insights into malware designed to jump air gaps and the tactics, techniques, and procedures of those who use it. The report will also be useful to people responsible for safeguarding the types of organizations most frequently targeted by nation-state groups.

    “I’d say this is mostly interesting for security people working in embassies and government CERTs,” Raiu said. “They need to check for these TTPs and keep an eye on them in the future. If you were previously a victim of Turla or Red October I’d keep an eye on this.”

    This story originally appeared on Ars Technica.

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleHow to Choose the Best Game Subscription Service
    Next Article Apple’s cheapest iPads are still steeply discounted following Prime Day

    Related Posts

    DHS Faces New Pressure Over DNA Taken From Immigrant Children

    July 25, 2025

    At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds

    July 24, 2025

    China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

    July 23, 2025

    How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies

    July 21, 2025

    Hackers Are Finding New Ways to Hide Malware in DNS Records

    July 19, 2025

    Adoption Agency Data Exposure Revealed Information About Children and Parents

    July 19, 2025
    Our Picks

    Microsoft Edge transforms into an AI browser with new Copilot Mode

    July 28, 2025

    Women’s ‘red flag’ app Tea is a privacy nightmare

    July 28, 2025

    Samsung’s One UI 8 might shut down bootloader unlocking on Galaxy phones

    July 28, 2025

    The controversial legal tactic The Trump Organization is using to take down fake merch

    July 28, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    Sony calls Tencent game ‘slavish clone’ of Horizon in new lawsuit

    By News RoomJuly 28, 2025

    Sony is suing Tencent to attempt to stop the release of Light of Motiram, which…

    Yet another Pixel 6A caught fire

    July 28, 2025

    Your Whistle pet tracker will stop working next month

    July 28, 2025

    The UK is slogging through an online age-gate apocalypse

    July 28, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.