Muhammed Irfan V A
Last known affiliation: Zscaler Inc.
Bio: Muhammed Irfan V A works in Zscaler ThreatLabZ as a Senior Threat Researcher. Irfan has worked in the malware research field for the past four years. He previously worked at LTIMindtree as a Malware Analyst. His work areas include tracking new campaigns and malware families and providing detection for them. Irfan has completed his Bachelor's in Cyber Forensics from Mahatma Gandhi University.
Muhammed Irfan V A 🗣 | Avinash Kumar 🗣 | Nirmal Singh
Abstract
The escalation of cyber threats in recent years has introduced malware with advanced capabilities. Among these, backdoor malware has evolved significantly and new families of backdoor malware have surfaced, showcasing capabilities that threaten organizations worldwide. This research paper provides an in-depth analysis of three campaigns delivering backdoor malware families using VenomLNK, a Malware-as-a-Service (MaaS) tool.
Our research delves deeply into the analysis of two newly discovered backdoor malware, providing a comprehensive look at the attack chains they utilize and the ways in which they are delivered. We also investigate motives and the threat group behind these malicious campaigns. To conduct this analysis, we collected a vast array of samples from these campaigns. By examining these samples and campaigns, we uncovered information regarding motive and victimology.
This research also covers the core features of these backdoor malware families, focusing on how they communicate over networks and the commands they support. These commands include executing shell commands, proxying traffic and many other intriguing commands. We also provide a detailed explanation of how each command works and its specific role within the malware.
