
HIPSTING

Posted: March 24, 2020

Advanced Persistent Threat (APT) groups usually work with custom-made malware that has been crafted specifically to keep a low profile, so that cybersecurity experts will be unable to catch it in time. Such is the case with the HIPSTING backdoor, a Trojan that enables its operators to send remote commands to the infected computer. The HIPSTING backdoor first surfaced in 2013, and its first signs of activity coincided with the appearance of another backdoor called TEMPFUN. The two share many similarities, but cybersecurity experts report that they are unlikely to be used by the same APT group. Instead, the similarities might be owed to the fact that several groups are sharing the same threat actors, or that the developers of HIPSTING and TEMPFUN have used the same resources.

Once initialized, HIPSTING connects to a remote Command and Control server and begins to send encrypted messages that contain data about the host's software and hardware. Furthermore, the HIPSTING backdoor is able to fetch an updated configuration for itself by connecting to a legitimate blog hosted on WordPress.com. However, such a configuration resource is unlikely to work too well, since hosts like WordPress are very quick when it comes to discovering and halting users who abuse their services for nefarious purposes.

Organizations are urged to protect their networks from threats like HIPSTING by tightening their firewall rules, enabling reputable anti-virus software, and applying the latest updates and security patches to the software they use.
