The Austrian government announced last week it was investigating a firm based within the nation’s territory for allegedly designing spyware targeting law firms, banks, and consultancies across Europe and Central America.
The news comes after researchers at Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) linked a hacking group called Knotweed to an Austrian surveillance firm named DSIRF, known for multiple Windows and Adobe zero-day exploits.
“Observed victims to date include law firms, banks, and strategic consultancies in countries such as Austria, the United Kingdom, and Panama,” the researchers stated, without identifying the victims.
The researchers unearthed Subzero malware (CVE-2022-22047) deployed in 2021 and 2022 to hack a broad range of devices, phones, computers, and internet-connected devices. Additionally, multiple pieces of evidence were identified that linked DSIRF to Knotweed’s operation, including the C2 infrastructure used by Subzero, and the code signing certificate issued to DSIRF used to sign an exploit.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: