
SOUNDWAVE

Posted: October 18, 2019

It is a mistake to assume that hackers always use state-of-the-art malware that gives them full control over an infected computer and lets them collect valuable data from it. Sometimes, cybercriminals use stealthy malware that raises no red flags, and the only way to spot its existence is to run an anti-virus scanner that will identify and report suspicious activity. One of the cyberthreats used by the North Korean hackers from APT37 is meant to record audio from the victim's microphone, save it to a '.log' file, and then exfiltrate it to a Command & Control server. The malware does nothing else on the compromised computer, so it is very unlikely that the victim will notice anything out of the ordinary.

Audio Recording Malware Captures Up to 100 Minutes of Microphone Audio

The hackers from APT37 are believed to work in cooperation with the North Korean government, and their targets are often South Korean individuals, but they have also operated in certain parts of the Middle East. While their toolkit contains high-profile threats like the RUHAPPY disk wiper and the KARAE backdoor Trojan, they also employ some small and sophisticated tools like SOUNDWAVE, an audio recording tool that is meant to hijack the victim's microphone and record up to 100 minutes of audio.

SOUNDWAVE is likely to be used solely for reconnaissance since it does not contain any other features that would allow attackers to carry out additional operations on the compromised host. It is possible that the SOUNDWAVE malware is delivered as a second-stage payload by one of APT37's frequently used backdoor Trojans.
