{"id":172598,"date":"2023-09-23T02:24:35","date_gmt":"2023-09-23T07:24:35","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/09\/sandman-hackers-backdoor-telcos-with-new-luadream-malware"},"modified":"2023-09-23T02:24:35","modified_gmt":"2023-09-23T07:24:35","slug":"sandman-hackers-backdoor-telcos-with-new-luadream-malware","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/09\/sandman-hackers-backdoor-telcos-with-new-luadream-malware","title":{"rendered":"\u2018Sandman\u2019 hackers backdoor telcos with new LuaDream malware"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/sandman-hackers-backdoor-telcos-with-new-luadream-malware2.jpg\"><\/a><\/p>\n<p>A previously unknown threat actor dubbed \u2018Sandman\u2019 targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named \u2018LuaDream.\u2019<\/p>\n<p>This malicious activity was discovered by SentinelLabs in collaboration with QGroup GmbH in August 2023, who named the threat actor and malware after the backdoor\u2019s internal name of \u2018DreamLand client.\u2019<\/p>\n<p>The operational style of Sandman is to keep a low profile to evade detection while performing lateral movement and maintaining long-term access to breached systems to maximize its cyberespionage operations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A previously unknown threat actor dubbed \u2018Sandman\u2019 targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named \u2018LuaDream.\u2019 This malicious activity was discovered by SentinelLabs in collaboration with QGroup GmbH in August 2023, who named the threat actor and malware after the backdoor\u2019s internal name of [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-172598","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/172598","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=172598"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/172598\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=172598"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=172598"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=172598"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}