Quote:A recently discovered backdoor program designed to compromise Windows users has strong ties to HenBox, an Android-based malware known to target members of the Uyghur ethnic group in China, as well as smartphones from Chinese manufacturer Xiaomi.
Dubbed Farseer, the previously undisclosed malware dates back at least two-and-a-half years, according to Palo Alto Networks’ Unit 42 researchers Alex Hinchliffe and Mike Harbison in a Feb. 26 company blog post. Unit 42 has tracked more than 30 unique samples over that span of time — and while most emerged in 2017, new samples have appeared as recently as the last two months.
The malware appears to be the latest known cyber weapon available to the attack group associated with HenBox, which is also affiliated with the malware programs Poison Ivy, PlugX, Zupdax, 9002 RAT and PKPLUG malware.
An early sample reportedly delivered a decoy PDF document featuring a copied news article from a Myanmar website that reports news in the Southeast Asia region — a clue that Farseer’s intended victims are located in this geographic area.
SOURCE: https://www.scmagazine.com/home/security...x-malware/
![[-]](https://www.geeks.fyi/images/collapse.png)
