"FamousSparrow Hacking Group Targets Governments, Engineers Worldwide"

A new hacking group, dubbed FamousSparrow by ESET researchers, has targeted entities worldwide to spy on them. The group is believed to have been active since at least 2019, with links to attacks against governments, international organizations, engineering firms, legal companies, and the hospitality sector. Its victims are in the U.K., Israel, Saudi Arabia, Taiwan, Burkina Faso in West Africa, Brazil, Canada, and Guatemala. According to ESET, current threat data suggests that FamousSparrow is a separate group from other active Advanced Persistent Threats (APTs), but there seem to be some overlaps. For example, exploit tools used by FamousSparrow threat actors were set up using a command-and-control (C2) server associated with the DRDControl APT. In another case, the FamousSparrow group appeared to have been using a variant of a loader employed by SparklingGoblin. This new APT joined at least ten other APT groups that have exploited ProxyLogon vulnerabilities, which were disclosed in March and used to compromise Microsoft Exchange servers. This article continues to discuss findings surrounding the new APT group FamousSparrow regarding its targets, tools, and tactics. 

ZDNet reports "FamousSparrow Hacking Group Targets Governments, Engineers Worldwide"