A newly discovered backdoor called “Stealth Soldier” has been linked to a series of targeted espionage attacks in North Africa, primarily targeting individuals in Libya. The backdoor allows for file exfiltration, screen and microphone recording, keystroke logging, and stealing browser information. The infrastructure associated with Stealth Soldier shows similarities to a previous campaign called “Eye on the Nile” that targeted Egyptian civilian society in 2019, suggesting a possible re-appearance of the same threat actor.
The malware’s command and control servers are connected to phishing domains, posing as sites belonging to the Libyan Foreign Affairs Ministry. Robust cybersecurity measures are crucial to counter these targeted espionage attacks.
Read more: https://www.infosecurity-magazine.com/news/north-africa-attacks-stealth/