Evilnum ATP hacker group change tactics and targets financial firms with new Python-based malware

Posted on 5 September 2020

From 2-spyware.com

Evilnum group released attacks targeting FinTech firms

The Advanced Persistent Threat group named Evilnum used Python remote access trojan in attacks on financial tech organizations.^[1] Spear-phishing attack allowed hackers to hide in the Windows system as several legitimate programs, so the RAT could work as it was designed for and exfiltrate data, run various commands.^[2] Targets were mainly UK and Europe fintech firms.^[3]