
Multi-Platform Malware Framework ‘MATA’ On A Global Rampage


Security researchers have identified a new and concerning malware threat: a multi-platform framework called “MATA.” This framework has been targeting victims globally since at least April 2018.


Kaspersky Lab's Analysis

  • Early Detection: Kaspersky Lab identified the first traces of MATA in April 2018.
  • Global Reach: The malware has targeted victims across various regions, including India, South Korea, Germany, Japan, Turkey, and Poland.
  • Diverse Targets: MATA attacks have spanned various industries, including e-commerce, software development, and internet service providers (ISPs).
  • Multiple Motivations: The hackers behind MATA have employed the framework for various malicious purposes. Examples include:
    • Stealing customer data from a company's database.
    • Deploying VHD ransomware against another victim.
  • Multiple Variants: Kaspersky Lab identified three variants of MATA targeting Windows, macOS, and Linux.


MATA Technical Details (Windows Variant)

  • The Windows version features a layered architecture with an orchestrator component.
  • The orchestrator loads plugins from memory using a hardcoded string and executes them directly.
  • These plugins grant attackers capabilities like file manipulation, creating an HTTP proxy server, and more.

Distribution Methods

  • The Linux variant can be downloaded from a seemingly legitimate website.
  • The macOS variant is delivered inside a trojanized two-factor authentication (2FA) application.

Lazarus Group Connection

Kaspersky Lab's analysis suggests a link between the MATA framework and the infamous Lazarus APT group, known for various cyberattacks.


The Takeaway

The emergence of MATA highlights the evolving tactics of cybercriminals. Businesses and individuals should remain vigilant, maintain robust cybersecurity measures, and stay updated on the latest threats.

MATA Malware: Frequently Asked Questions

What is MATA?

MATA is a multi-platform malware framework that can infect Windows, macOS, or Linux devices. It has been used to target victims globally since at least April 2018.

Who is behind MATA?

Kaspersky Lab's analysis suggests a link between MATA and the Lazarus Group, a notorious cybercrime group responsible for various attacks.

What are the targets of MATA attacks?

MATA has targeted companies across various sectors, including e-commerce, software development, and internet service providers (ISPs).

What are the goals of MATA attacks?

The attackers have used MATA for malicious purposes, such as stealing customer data and deploying ransomware.

How can I protect myself from MATA?

  • Stay informed about the latest cyber threats.
  • Use reputable security software and keep it updated.
  • Be cautious when downloading files from unknown sources.
  • Implement strong passwords and enable two-factor authentication (2FA) when available.
  • Back up your data regularly.

Note: This was initially published in May 2020 but has been updated.


About the Author:

Amaya Paucek
Writer at SecureBlitz

Amaya Paucek is a professional with an MBA and practical experience in SEO and digital marketing. She is based in the Philippines and specializes in helping businesses achieve their goals using her digital marketing skills. She is a keen observer of the ever-evolving digital landscape and looks forward to making a mark in the digital space.

