An advanced persistent threat actor known as Budworm has been spotted by security researchers targeting a US-based entity. This marks the first time that the group has targeted a US organization, as it typically focuses on international targets. Security researchers at Symantec were the first to report the activity.
Budworm allegedly executed attacks over the past six months against several different targets. These targets included a Middle Eastern country’s government, a multinational electronics manufacturer, and a hospital in Southeast Asia. The latest target is a US-based legislator. The APT group leveraged the Log4j vulnerabilities to compromise the target. The attackers installed web shells and leveraged Virtual Private Servers to conduct the attack. Budworm continues to use the HyperBro malware family as the primary payload in its attacks.