Sunday, April 21, 2024
HomeCyber Security BlogsEvasive Set of Sophisticated Tools Are Being Developed by Cyber Criminal Groups.

Evasive Set of Sophisticated Tools Are Being Developed by Cyber Criminal Groups.

Cybercriminals are always trying to evolve with new sophisticated tools which have increased the level of stealth. One of such operations is called TunnelSnake. This is an ongoing APT campaign which makes use of passive backdoor and some other tools to attack the potential victims.

Operation TunnelSnake-

This operation has been active since 2018 and was run by unknown threat actors. They targeted regional diplomatic entities in Asia and Africa.

  • TunnelSnake has been seen to deploy a new backdoor and a rootkit dubbed Moriya on public facing servers. This allows them to spy on the victim and collect information about the network traffic and also send commands to the compromised hosts.
  • The operators also have the user mode version of this malware and network discovery tools.
  • They used different tools for various functions. For lateral movement, they used tools likeBouncer, China Chopper, etc. For the exfiltration process, they used Termite, Earthworm, and TRAN.

Some additional insights into this-

  • IISSpy is used to attack IIS servers that are vulnerable to establish a backdoor in the underlying websites of organisations.
  •  Vulnerability CVE-2017-7269 is exploited by IISSpy for the attacker to acquire a foothold initially.
  • Researchers suspect involvement of Chinese threat actors since some of the open-source malware had connections with Chinese speaking actors.


The daily reports about malware campaigns like Operation TunnelSnake have indicated the fact that another malware is coming into presence in the world of cyber espionage. The use of advanced and sophisticated tools which provide high stealth helped this malware to remain under cover for a long time. It is important to upgrade the security of the organization to be able to remain safe from such attacks.



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us