
Discovery of New APT: “the Sharks Are Circling”

By Sophia Britt

Recently, a number of key infrastructure providers in Africa and the Middle East stumbled upon a threat actor towering over its low-effort peers. These insidious attacks are characterized by custom-built malware platforms, delivered via precise, segmented methods.

These attackers have already evaded detection by their victims for extended periods of time. Now, their discovery has sent ripples of fear throughout the world. ISP security solutions have painted the picture of a shark fin breaching the water’s surface.

What is an APT

The unfortunate fact is that software will always contain exploitable flaws. Though this could keep the anxious security professional up at night, the industry’s saving grace is that most attackers operate under motivations that are mercifully simple.

Financial aims, for instance, drive attackers towards a quantity over quality approach. The weakest organizations may have unpatched vulnerabilities that stretch back decades; it’s these that automated attacks and hungry criminals will gladly strip bare. For most organizations, their defenses continue to be just good enough to avoid low-effort exploitation.

Advanced Persistent Threat (APT) actors turn this good-enough mentality on its head: these attackers use state-of-the-art, continuous access techniques to not only gain access to a system, but remain inside, completely undetected for prolonged periods of time.

APT attackers are often motivated politically, with many groups funded or operating directly under the commands of national governments. These groups undertake defined cybersec operations that push the objectives of the supporting country.

Introducing Metador

Earlier this year, a swathe of ISPs, telecommunication providers, and universities were found to be hosting a number of unique malware strains, the aim of which appeared to be persistent espionage. These instances were found primarily in African and Middle Eastern providers.

The tools in use were an eclectic mix of older, rudimentary techniques, alongside highly agile and industry-savvy implementation. The group’s primary focus: MetaMain and Mafalda. These are two custom-built malware platforms, aimed at Windows OS, which support vast swathes of escalation and payload detonation techniques.

MetaMain, the first of these, is a feature-rich platform that aims to support and enforce long-term access. It also allows Metador to log keystrokes, transfer and execute files between systems, and execute shellcode. Finally, MetaMain acts as an auxiliary program to deploy Mafalda.

Mafalda represents Metador’s crème de la crème. This uber-flexible implant has native support for over 65 commands, including an impressively broad suite of ransomware and spyware capabilities. Metador’s expertise is reflected in their malware infrastructure, too. Both of these platforms install themselves in an infected device’s memory rather than on the disk drive, where they would be easier to detect and delete.

Alongside this, throughout Metador’s already extensive victim list, every single victim has been targeted via a unique command and control server. This greatly decreases the risk of discovery, as the detection of one victim lends researchers no further clues to any others.

Furthermore, when one telecom victim installed a detection system on their infected network, Metador’s developers moved rapidly, shipping a retooled version and then engaging in heavy rounds of obfuscation to thwart analysis.

Metador: Still a Mystery

Though APTs are regularly funded by hostile governments, there is no such attribution on Metador’s head just yet. The name originates from a line included in the code, which stated “I am meta”; the second half of the name reflects clues that the devs, or attackers, could speak Spanish.

A number of different cultural references and languages throughout the code suggest that multiple developers have worked on this throughout its lifespan. Finally, despite a lack of discovered examples, the current software’s version history suggests a timeline of development that extends far longer than researchers have discovered.

Metador continues to baffle researchers. Despite the utmost care being displayed, the operators don’t seem to particularly care whether their victims are compromised by other attacking groups. One Middle Eastern telecoms victim was also host to ten other attacking groups, including China’s Moshen Dragon.

It is rare for APTs to allow cross-contamination of their victims: deconfliction is a process that usually runs just before deployment. It checks for the presence of other malware and, if any is detected, shuts the attack down. The philosophy behind this is that the more groups latch onto a target, the more likely the victim is to be alerted to an attack.

Furthermore, it also increases the risk of infighting or theft between attacking groups. It’s possible for one attacker to steal the code, or related information, employed by other APTs. Metador appears not to care about these risks, however.

An IPS for ISPs

Internet service providers manage huge swathes of personal information, alongside supporting millions of customers. This makes them particularly alluring targets, as they are fantastic platforms for supply chain and large-scale spyware attacks.

ISP infrastructure must evolve with attackers, and modern, hyper-vigilant APTs require next-generation defenses. A major part of this is data and network visibility. Cloud-based and hybrid platforms can represent an insurmountable task for your security team; it can be incredibly difficult to discover remote resources called by specific cloud-based operations.

Cutting-edge security solutions provide automated data discovery and classification tools, which allow you to thoroughly assess your organization’s risk, alongside freeing up working hours that would be spent combing through assets. From edge devices used by remote-working employees, to core on-premise networks reserved for the highest level of security, your asset detection system must match your organization’s architecture exactly.

Alongside actively monitoring the state of your organization’s data, it’s vital that your security solution provider has a comprehensive and adaptive intrusion detection system. Traditional perimeter-based security models have been proven ineffective time and time again, which means modern security demands Intrusion Prevention Systems (IPS).

These automated systems focus on network and application behavior, not just pre-existing malware signatures. This way, even novel attacks from groups such as Metador are found, alerted, and eradicated.
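The following added example (not from the original article or from any vendor) shows why the per-victim command and control servers described earlier defeat a shared indicator list, and how a behaviour-based check of the kind described above can still flag the traffic. The flow records, addresses, thresholds and function names are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed indicator learned from a *different* victim (documentation range).
SHARED_IOCS = {"192.0.2.77"}

def build_flows():
    """Constructed flow records: (epoch_seconds, internal_host, destination_ip)."""
    flows = []
    # host-7 reaches a destination nobody else uses, every ~300 s with slight jitter.
    for i in range(12):
        flows.append((1000 + i * 300 + (i % 3), "host-7", "203.0.113.50"))
    # Ordinary traffic: irregular timing, destination shared by several hosts.
    for host in ("host-1", "host-2", "host-7"):
        for t in (1010, 1090, 1700, 1725, 2400, 3300, 3350, 4100, 4105):
            flows.append((t, host, "198.51.100.10"))
    return flows

def ioc_hits(flows, iocs):
    """Signature-style check: destinations that appear on a shared indicator list."""
    return {(host, dst) for _, host, dst in flows if dst in iocs}

def beacon_candidates(flows, min_events=8, max_cv=0.1, max_hosts=1):
    """Behavioural check: regular-interval traffic to a destination few hosts use."""
    times = defaultdict(list)
    hosts_by_dst = defaultdict(set)
    for ts, host, dst in flows:
        times[(host, dst)].append(ts)
        hosts_by_dst[dst].add(host)
    found = []
    for (host, dst), stamps in sorted(times.items()):
        if len(stamps) < min_events or len(hosts_by_dst[dst]) > max_hosts:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Coefficient of variation: a low value means a near-constant check-in interval.
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            found.append((host, dst))
    return found

if __name__ == "__main__":
    flows = build_flows()
    print("IoC hits:", ioc_hits(flows, SHARED_IOCS))
    print("Beacon candidates:", beacon_candidates(flows))
```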
