
Multi-Platform Malware Framework ‘MATA’ On A Global Rampage


According to security researchers, a new multi-platform malware framework termed “MATA” has emerged, and it has successfully targeted victims all over the globe.

Kaspersky Lab stated that it had shared what it discovered of MATA with its Threat Intelligence Portal customers.

In its analysis, the security company explains that the initial artefacts relating to MATA date as far back as April 2018. At that time, whoever operated the malware framework targeted companies in India, South Korea, Germany, Japan, Turkey, and Poland.

The targeted firms operated in many economic sectors. The victims included an eCommerce business, a software company, and an ISP (Internet Service Provider).

The perpetrators behind MATA showed several motives for attacking their targets in their campaigns. For example, at one company, the malicious actors used the framework to query the victim's databases with the intention of getting its list of customers. With another victim, they used it to distribute VHD ransomware.

Kaspersky Lab discovered three variants of MATA, aimed at macOS, Linux, and Windows respectively.

The Windows version has many components, including an orchestrator element. The loader invoked an encrypted payload with the use of a hardcoded hex-string. This gave the orchestrator the chance to load plugin files, then execute them directly from memory. With these plugins, the attackers could manipulate files, set up an HTTP proxy server, and carry out other tasks.

The Linux variant of this malware was available from a legitimate distribution website, and the macOS version comes as trojanized 2FA (two-factor authentication) software.

Kaspersky Lab revealed in its analysis that the malware platform is connected to a popular threat actor – the Lazarus APT group.

Amaya Paucek
Amaya Paucek is a professional with an MBA and practical experience in SEO and digital marketing. She is based in Philippines and specializes in helping businesses achieve their goals using her digital marketing skills. She is a keen observer of the ever-evolving digital landscape and looks forward to making a mark in the digital space.