The ColoredLambert malware family is the most popular creation of the Longhorn hacking group. The group is also known as The Lamberts, after that malware family. It is believed that the Longhorn hacking group's activity traces back to 2008. This hacking group tends to go after high-profile targets only. Their main targets tend to be government bodies, as well as various companies operating in the automotive, healthcare and telecommunication fields.
The Malware Family
The ColoredLambert malware family was given its name because the threats it contains are all color-coded. Each hacking tool in the family is represented by a different color, and most of them serve different purposes:
- Black Lambert – This threat was the first one spotted by malware researchers, and it serves as a backdoor Trojan that connects to a C&C (Command & Control) server and retrieves commands on how to carry out the attack. Such backdoors are also referred to as active backdoors.
- White Lambert – This is another backdoor Trojan, but it operates rather differently from the Black Lambert. This threat does not actively fetch instructions from the C&C server but instead waits for a ping from the C&C that delivers the commands needed. This is known as a passive backdoor.
- Blue Lambert – Malware researchers have not determined with any certainty what the purpose of this threat is. It appears to be used in combination with the Black Lambert, and some speculate that it may be used as a backup backdoor if the attackers do not manage to execute the Black Lambert backdoor successfully.
- Green Lambert – This tool appears to be an outdated variant of the Blue Lambert. This backdoor Trojan, however, seems to be compatible with the OSX operating system.
- Pink Lambert – This seems to be the most complex tool in the ColoredLambert family. It consists of a few modules, which make this tool very flexible. The threat can be used for espionage purposes: its components include a USB stealer and a custom-developed framework that allows the attackers to develop unique cross-platform malware that can work on systems running Windows, OSX and Linux.
- Grey Lambert – This tool seems to be an upgraded variant of the Pink Lambert. It operates more quietly and processes data faster.
Malware researchers speculate that the Longhorn hacking group may be a state-sponsored actor, as its targets are always very high-profile, and it may well be doing the bidding of a government.