Researchers at SentinelLabs, who discovered the threat actor and its malicious tools in late 2021, are calling the group Metador - a play on the phrase “I am meta” that appears in their malicious code as well as the word “matador” (some of the members of the threat group appear to be native Spanish speakers). Juan Andrés Guerrero-Saade, senior director of SentinelLabs, which is operated by the security firm SentinelOne, says the technical complexity of the malicious platforms, the advanced operational security the group employs to thwart detection and the fact that they appear to be actively modifying the platforms as needed suggest a well-resourced group is behind the operation.

But this doesn’t necessarily mean a nation-state produced the malware. Guerrero-Saade speculates that Metador may be the product of a contractor working on behalf of a nation-state. He points to Dark Matter, a company based in the United Arab Emirates that hired former NSA hackers to develop spy tools for the UAE’s National Electronic Security Authority, or NESA (the UAE’s equivalent of the NSA). They helped create tools that allowed NESA to spy on dissidents and other Middle East nations, and he thinks Metador may be the product of a similar contractor.

Guerrero-Saade, who presented a talk about Metador at the LABScon conference in Scottsdale, Arizona, with colleagues Amitai Ben Shushan Ehrlich and Aleksandar Milenkoski, says he shared information about the threat actor with researchers at other security firms as well as with government partners and none have seen evidence of the group’s activity before.