New advanced hacking group targets governments, engineers worldwide
A new hacking group called FamousSparrow has been detected by researchers at ESET. The team stated on Thursday that the advanced persistent threat (APT) group is targeting governments and engineers in Europe, the UK, Israel, Saudi Arabia, the Americas, West Africa, Taiwan, and other regions. The APT is believed to be active since at least 2019 and has been linked to attacks against governments, international organizations, engineering firms, legal companies, and the hospitality sector across the world. ESET states that the group is separate from other active APTs, however, there does seem to be some overlap such as exploit tools and loaders used in attacks.
The group allegedly joined at least 10 other APTs in exploiting ProxyLogon, a chain of zero-day vulnerabilities that were disclosed in March and used to compromise Microsoft Exchange servers across the world. ESET researchers state that ProxyLogon was first exploited by the group on March 3, before the patch was released.