Kaspersky Finds Malware StripedFly That Hides Advanced Codes And Espionage Capabilities

Malware illustration (photo: Kaspersky)

JAKARTA - Kaspersky experts have found malware that was previously not well-known and very sophisticated, known as StripedFly. Malware has also affected more than one million victims since 2017.

Initially, StripedFly acted as a crypto asset miner, until finally showing itself as a complex malware with a multi-functional wormhole framework.

According to Kaspersky, the content of the malware includes many modules, and allows actors to act as APT, crypto miners, and even ransomware groups, potentially expanding their motives from financial gain to espionage.

The attacker behind this operation has a broad ability to spy on victims secretly. This malware collects credentials every two hours, steals sensitive data such as site login credentials and WIFI, as well as personal data such as name, address, phone number, company, and position.

In addition, this malware can capture screenshots on victims' devices undetected, gain significant control over machines, and even record microphone inputs, explained the global cybersecurity firm in a statement received on Friday, October 27.

The number of efforts invested in realizing this framework is extraordinary, and the launch is quite astonishing, Sergey Lozhkin commented, Main Security Researcher at Kaspersky's Global Research and Analysis Team (GREAT).

According to him, the ability of attackers to adapt and develop is a continuous challenge. Therefore, Lozhkin emphasized the importance of further research to uncover and spread sophisticated cyber threats.

"And for customers not to forget comprehensive protection," he concluded.