The Platinum APT (Advanced Persistent Threat) has remained active ever since it was first spotted back in 2009. The hacking group appears to operate mainly in the Asia-Pacific region, and it seems to target political organizations and high-ranking officials in the area. This is why cybersecurity researchers believe that a government in the region may be funding the operations of the Platinum APT, although this remains speculation at the moment.
Makes Sure to Remain under the Radar of Security Tools
The Platinum hacking group has recently released a new tool named Titanium. The Titanium malware is a complex backdoor Trojan with a long list of capabilities. Its self-preservation capabilities are especially impressive, as this threat can detect malware debugging environments, anti-malware tools, and various security features. The Platinum hacking group appears to be using several different infection vectors to propagate the Titanium backdoor Trojan.
The actors behind the Titanium Trojan have made sure that this threat operates very quietly to stay under the radar of the victim. To remain undetected, the Titanium Trojan injects the majority of its modules into the memory of the compromised host and uses barely any files. To hide the malicious code of the Titanium Trojan, the operators of this threat use a Trojan Loader, so that anti-malware applications do not detect the threat. The creators of the Titanium backdoor Trojan also make sure that its code is heavily obfuscated and encrypted to further reduce the chances that anti-virus tools will spot its harmful activity.
Once the Titanium backdoor Trojan manages to infiltrate the targeted host, its operators can use it as a tool for espionage. Furthermore, the Titanium Trojan can serve as a backdoor for the attackers to plant additional threats on the infected system. When the Titanium backdoor Trojan has successfully compromised a computer, it establishes a connection with the attackers' C&C (Command & Control) server and waits for commands. The Titanium Trojan is able to:
- Modify the system files on the computer.
- Download files from the Web.
- Execute files from the Web.
- Execute files received from its operators’ C&C server.
- Read files on the system.
- Exfiltrate files to its operators’ C&C server.
- Execute remote commands.
The Platinum APT remains an active and threatening hacking group, and we have yet to find out who they work for or what their end goal is.