Forcepoint’s Security Labs have identified two new malware variants – ‘BigBoss’ and ‘SillyGoose’ based on the MM Core backdoor. Discovered in 2013 and also known as ‘BaneChat’, MM Core is used for targeted attacks. MM Core spawned a spin off named ‘StrangeLove’ shortly after discovery and then remained seemingly dormant for years. The release of ‘BigBoss’ and ‘SillyGoose’ as early as June 2016, highlights that it is possible for malware to make a strong comeback, even a number of years later. Carl Leonard, Principal Security Analyst at Forcepoint commented below.
Carl Leonard, Principal Security Analyst at Forcepoint:
“We’ve found that although MM Core’s version has incremented twice, the core backdoor remains almost the same with the exception of new file and mutex names – showing that these malicious actors have been cunningly updating the malware just enough to keep their operation under the radar.
SillyGoose has now expanded its operations into the United States and Africa, whereas previously MM Core was limited to Middle Eastern and Central Asian countries and has a particular focus on news and media, government defence, oil and gas manufacturing and telecommunications industries.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…