No Rest For The Wicked: Evilnum Unleashes PyVil RAT

Research by: Tom Fakterman

Over the course of the last few months, the Cybereason Nocturnus team has been investigating the activity of the Evilnum group. The group first emerged in 2018, and since then, Evilnum’s activity has been varied, with recent reports using different components written in Javascript and C# as well as tools bought from the Malware-as-a-Service provider Golden Chickens.

The group’s operations appear to be highly targeted, as opposed to a widespread phishing operation, with a focus on the FinTech market by way of abusing the Know Your Customer regulations (KYC), documents with information provided by clients when business is undertaken. Since its first discovery, the group’s mainly targeted different companies across the UK and EU.

Read more on Cybereason.

About the author: Dissent

Comments are closed.