A new custom-developed backdoor program has been used in highly targeted attacks against organizations from Taiwan, Japan, South Korea, and the United States over the past year.
Malware researchers from Symantec first came across the program, which they’ve named Dripion, in August 2015. However, due to its custom nature and sparse use, it has managed to fly under the radar since as early as November 2013.
When their analysis began, the Symantec researchers believed Dripion was a local threat used against organizations in Taiwan, where most of its victims were found. However, since then they have found computers infected with the backdoor in other countries as well.
To read this article in full or to leave a comment, please click here