"GoldenJackal State Hackers Silently Attacking Govts Since 2019"

Since 2019, a relatively unknown Advanced Persistent Threat (APT) group called GoldenJackal has been conducting espionage against government and diplomatic entities in Asia. The threat actors have kept a low profile, carefully selecting their victims and limiting the number of attacks to reduce the likelihood of being discovered. Researchers have been monitoring GoldenJackal since 2020 and now report that the threat actors have been active in Afghanistan, Azerbaijan, Iran, Iraq, Pakistan, and Turkey. GoldenJackal uses a collection of custom .NET malware tools for various functions, including credential dumping, data theft, malware loading, lateral movement, file exfiltration, and more. The primary payload used to infect a system is JackalControl, which grants the perpetrators remote control of the infected computer. The malware can establish persistence by adding Registry keys, Windows scheduled tasks, or Windows services. This article continues to discuss the GoldenJackal APT group.

Bleeping Computer reports "GoldenJackal State Hackers Silently Attacking Govts Since 2019"

Submitted by Anonymous on