
The Mystery of Metador | An Unattributed Threat Hiding in

Metador primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures in the presence of security solutions. Metador’s attack chains are designed to bypass native security solutions while deploying malware platforms directly into memory.


ATT&CK IDs: T1001 - Data Obfuscation, TA0003 - Persistence, T1073 - DLL Side-Loading, T1055 - Process Injection, TA0011 - Command and Control
