New Advanced Backdoor with Distinctive Malware Tactics

Researchers have uncovered a novel advanced backdoor, Deadglyph, used by Stealth Falcon, a group linked to cyber espionage. The backdoor uses programming languages unusually, hinting at multiple developers and potentially designed to hinder analysis. This tool also receives commands from an actor-controlled server, allowing it to create new processes and read files on compromised systems. Stealth Falcon has been tied to targeted attacks in the Middle East and notable Windows flaws. Deadglyph joins its arsenal, discovered by Slovak cybersecurity firm, ESET, on an unnamed government entity’s systems in the Middle East.