Metador primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures in the presence of security solutions. Metador’s attack chains are designed to bypass native security solutions while deploying malware platforms directly into memory.
ADVERSARY: Metador
INDUSTRIES: Telecommunications, ISP, Education
ATT&CK IDS: T1001 - Data Obfuscation, TA0003 - Persistence, T1073 - DLL Side-Loading, T1055 - Process Injection, TA0011 - Command and Control