APT group GoldenJackal uses backdoors in air-gapped systems

Many of ESET’s findings about GoldenJackal are worth noting, including the group’s intent to get into air-gapped networks. Air gapping is a security measure that physically isolates highly sensitive network components or systems from the Internet or untrusted networks to reduce the risk of compromise or lateral movement.

Who is GoldenJackal?

Active since at least 2019, GoldenJackal is an APT group known for targeting government and bureaucratic structures in the Middle East and South Asia, according to a 2023 report from Kaspersky Lab, which has been tracking the group since mid-2020.

GoldenJackal’s previously known malware tools, written mainly in .NET, enabled the group to take control of victims’ machines, spread across systems using removable drives, exfiltrate files from infected systems, steal information, collect information about web browsing activities, and take screenshots. Kaspersky Lab, which documented the tools, named them JackalControl, JackalWorm, JackalSteal, JackalPerInfo, and JackalScreenWatcher.

