With a tip that came from one of the biggest breaches in US National Security Agency history, researchers have discovered a new hacking group that infected targets with a previously unknown piece of advanced malware.
Hints of the APT—short for advanced persistent threat—group first emerged in April 2017. That’s when a still-unidentified group calling itself the Shadow Brokers published exploits and code developed by, and later stolen from, the NSA. Titled “Lost in Translation,” the dispatch was best known for publishing the Eternal Blue exploit that would later power the WannaCry and NotPetya worms that caused tens of billions of dollars’ worth of damage worldwide. But the dump included something else: a script that checked compromised computers for malware from a variety of APTs.
