APT-K-47 group uses new malware tools to launch data theft attacks
The APT-K-47 group deployed new and previously undisclosed malware tools including WalkerShell DemoTrySpy NixBackdoor and Nimbo-C2 to compromise targets and steal sensitive data. After gaining initial access the attackers downloaded additional payloads like ORPCBackdoor to establish persistence. The campaign targeted organizations in countries like Russia Pakistan Bangladesh and the United States across multiple industries. The attackers were able to traverse file systems to exfiltrate documents of interest and steal browser passwords. The report examines the new malware tools in detail including their capabilities and role in the attack chain.