Multi-Platform Malware Framework ‘MATA’ On A Global Rampage

According to security researchers, a new multi-platform malware framework termed “MATA” has emerged. It has successfully targeted victims all over the globe.

Kaspersky Lab stated that it had shared what it discovered of MATA with its Threat Intelligence Portal customers.

The security company's analysis explains that the initial artefacts regarding MATA date as far back as April 2018. At that time, the operator of the malware framework used it to target companies in India, South Korea, Germany, Japan, Turkey, and Poland.

The targeted firms operated in a range of economic sectors. An eCommerce business, a software company, and an ISP (Internet Service Provider) were among the victims.

The perpetrators behind MATA showed several motives for attacking their targets in their campaigns. For example, at one company, the malicious actors used the framework to query the victim's databases with the intention of getting the list of customers. With another victim, they used the framework to distribute VHS ransomware.

Kaspersky Lab discovered three variants of MATA, aimed at macOS, Linux, and Windows respectively.

The Windows version has many components, including an orchestrator element. The loader invoked an encrypted payload using a hardcoded hex-string. This gave the orchestrator the chance to load plugin files and then execute them directly from memory. With these plugins, attackers could manipulate files, create an HTTP proxy server, and perform other tasks.

The Linux variant of this malware was available from a legitimate distribution website, and the macOS version comes as trojanized 2FA (two-factor authentication) software.

Kaspersky Lab revealed in its analysis that the malware platform is connected to a well-known threat actor – the Lazarus APT group.

Amaya Paucek
