Please see below expert comments by Eddy Bobritsky, CEO at Minerva Labs regarding a Russian hacking group using new stealthy Ceeloader malware. The Nobelium hacking group has continued to breach gov’t and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom “Ceeloader” malware.
<p>The Ceeloader looks to be another evolution step in the ever increasing malware sophistication, using more improved evasion techniques and very specific low level attack methods such as file-less downloading and memory injection.</p>
<p>Most traditional antiviruses and protection services base their detection on known signatures and threat actor behaviors. This makes attacks like these very difficult to mitigate for zero-day and unknown malware variants, especially those designed to evade detection, and require specialized approaches like implementation of Hostile Environment Simulation Models along with other anti-evasion protection techniques.</p>