How HAMMERTOSS Managed to Redefine Cybersecurity

There’s no denying that, despite being full of information and useful material, the web is also a place filled with perils, and that is especially true when it comes to malware. In fact, cybersecurity threats evolved so much in 2015 that quite a lot of them are undetectable, so actually finding and getting rid of them is a major challenge on its own. The HAMMERTOSS malware was one of the major threats in 2015, so let’s find out more about it and how it has changed the world of cybersecurity as we know it.




HAMMERTOSS is a backdoor that was created in early 2015 by APT29, a Russian group of hackers. What makes this backdoor very dangerous is that its design is similar to that of normal apps, so security professionals can have a very hard time detecting and removing it.


HAMMERTOSS avoids detection by using layers of obfuscation, and it also does a great job of mimicking the way legitimate users behave online. It visits a multitude of widely popular sites, such as cloud storage solutions, Twitter, and GitHub, with the main purpose of relaying commands and then extracting data from victims. The hacker group uses this data as it sees fit.


How does HAMMERTOSS work?


First, it gets commands from the aforementioned legitimate web services, but it can also use compromised web servers for command and control (CnC). It visits multiple Twitter handles automatically on a daily basis, and it can work only at specific times, mostly when it can accumulate information from the victim.


It can obtain commands and information simply via images, and it can even obtain information contained in hidden and encrypted data, so security tools of this type don’t affect the backdoor. Another important thing to note is that HAMMERTOSS can extract information from any compromised network and upload all of it to cloud storage, which in the end can cause significant damage to the victims.
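The behaviour described above suggests a defender-side hunt over web proxy logs: the same client automatically visits a Twitter handle, fetches an image, and then uploads to cloud storage, and repeats this on different days with different handles. The following Python is an added example, not part of the original article; the log format, client names, the `storage.example` host, the 30-minute window, and the assumption that the image is fetched from GitHub between the Twitter visit and the upload are all illustrative assumptions.

```python
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Assumption: placeholder for the cloud storage hosts used in your environment.
CLOUD_STORAGE_HOSTS = {"storage.example"}
IMAGE_EXTS = (".jpg", ".jpeg", ".png", ".gif")
# Constructed sample proxy log (timestamp, client, method, URL); not real traffic.
SAMPLE_LOG = """\
2015-07-01T09:02:11 ws-014 GET https://twitter.com/handle_a
2015-07-01T09:02:40 ws-014 GET https://github.com/some_user/repo/raw/master/pic.jpg
2015-07-01T09:05:03 ws-014 PUT https://storage.example/upload/blob1
2015-07-01T10:15:00 ws-022 GET https://twitter.com/news_account
2015-07-01T14:00:00 ws-031 PUT https://storage.example/upload/report.docx
2015-07-02T09:01:58 ws-014 GET https://twitter.com/handle_b
2015-07-02T09:02:20 ws-014 GET https://github.com/other_user/repo/raw/master/img.png
2015-07-02T09:04:47 ws-014 POST https://storage.example/upload/blob2
"""

def classify(method, url):  # stage of the chain for one request, else None
    u = urlparse(url)
    host, path = u.hostname or "", u.path
    if method == "GET" and host == "twitter.com" and path.count("/") == 1 and len(path) > 1:
        return "profile"
    if method == "GET" and host == "github.com" and path.lower().endswith(IMAGE_EXTS):
        return "image"
    if method in ("PUT", "POST") and host in CLOUD_STORAGE_HOSTS:
        return "upload"

def find_chains(log_text, window=timedelta(minutes=30)):
    """Return {client: [(date, handle), ...]} for profile -> image -> upload chains."""
    state, hits = {}, {}
    for line in filter(str.strip, log_text.splitlines()):
        ts, client, method, url = line.split()
        when, stage = datetime.fromisoformat(ts), classify(method, url)
        if stage == "profile":
            state[client] = (when, urlparse(url).path[1:], "profile")
        elif client in state and when - state[client][0] <= window:
            start, handle, prev = state[client]
            if stage == "image" and prev == "profile":
                state[client] = (start, handle, "image")
            elif stage == "upload" and prev == "image":
                hits.setdefault(client, []).append((start.date().isoformat(), handle))
                del state[client]
    return hits

def suspicious_clients(log_text, min_days=2):
    """Clients repeating the chain on several days, with several distinct handles."""
    return sorted(c for c, h in find_chains(log_text).items()
                  if len({d for d, _ in h}) >= min_days and len({n for _, n in h}) >= min_days)
```

On the constructed sample, only `ws-014` is reported; a client that merely browses Twitter (`ws-022`) or uploads a file (`ws-031`) is not.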


Who created it?


As we mentioned earlier, the HAMMERTOSS backdoor was created by the hacker group named APT29. Little is known about this group; people believe it to be Russian because of its targets and working hours, but this is only a hunch, since its members haven’t been caught up to this point. The group has been operating since late 2014 and has a major focus on discipline, not to mention that it adapts very easily to defenses, which makes it very powerful and dangerous at the same time.


HAMMERTOSS is indeed one of the major security threats that you can face, and the fact that you can get it from social media is really dangerous to begin with. Updating computer and company security is mandatory, and with enough focus you can detect and get rid of it, so try to do that immediately, because this backdoor is very, very powerful!

