Cybersecurity researchers at SentinelLabs have called on the broader community to apply its threat hunting skills to deciphering a new malware campaign that is targeting telecommunications companies, ISPs, and universities. The attacks have focused on organizations in the Middle East and Africa. The threat actor has been identified as Metador, a group that leverages sophisticated techniques to deploy Windows-based malware implants and uses advanced tactics to avoid detection. SentinelLabs researchers have spent months inspecting the code; however, the security company stated that there is still no reliable sense of attribution.
SentinelLabs shared technical details associated with the Metador group at the recent LABScon security conference, where it also launched the crowdsourced effort to gain more details about the adversary. The research team stated that its attempts to attribute the hacking group faced several obstacles and resulted in incomplete documentation.