Wapack Labs published (today) a deep-dive piece of analysis on a new piece of malware being leveraged in targeted cyber crime operations.
Wapack Labs has dubbed the malware family Backdoor.KLGConfig. A variant of Backdoor.KLGConfig was also observed as specifically targeting credentials for a popular banking application used by many FIs. Follow on analysis exposed a wide criminal
infrastructure consisting of over 500 domains.
Get the indicators from Threat Recon with a "reference" search on FR14-023.
Check out our github for an example scripts:
https://github.com/dechko/threatrecon/blob/master/examples/simple_search_reference.py
