Exploring the Depths of Multi-tiered Infrastructure
Essential information
- Published: 14/05/2024 13:06
- Modified: 14/05/2024 13:30
- Tags: 2024-05-09 2024-05-10 2024-05-14 evasive information-stealing modular multi-tiered persistent solarmarker solarphantom
- Related entities: 45 observables, 1 intrusion set (apt), 16 techniques (mitre), 2 malware, 14 others
Description
This report provides an in-depth analysis of SolarMarker, a highly persistent and evolving malware family. It delves into the malware's evolution since 2020, detailing its functionality, evasion tactics, and targeting strategies. The report also highlights the multi-tiered infrastructure supporting SolarMarker, illustrating the threat actor's resilience and sophistication in swiftly rebuilding and strategically shifting infrastructure to evade detection. Additionally, it outlines the high volume of victims across various sectors, particularly education, healthcare, government, hospitality, and SMEs, emphasizing the widespread impact of this threat.