Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation BackConfig

Government and military organizations in South Asia were targeted with the BackConfig custom trojan by the Hangover threat group. Legitimate websites were compromised to distribute a weaponized Microsoft Excel document which required the victim to enable macros to start the installation process. The operation used various techniques for persistence, privilege escalation, and defense evasion including BITS jobs, hidden files and directories, scheduled task, and self-signed digital certificates.
Name Modified Date Sources
Operation BackConfig 2020-05-21