EU financial company attacked with EvilNum malware
Proofpoint's threat research team has observed that the hacker group, dubbed TA4563 by the company, is using the EvilNum malware to attack various European financial and investment firms. EvilNum is a backdoor used to steal data or download additional malware payloads can be used. The most recently observed campaigns by the group exclusively targeted companies from the decentralized finance sector (Decentralized Finance: DeFi). Previously, however, organizations involved in the foreign exchange business or trading in cryptocurrencies also came into the crosshairs of the attackers. DeathStalker or EvilNum at Work As part of its investigations, Proofpoint was able to…