Cannon

Malware updated 6 months ago (2024-05-04T18:18:53.814Z)
The Cannon malware is a sophisticated and harmful program designed to infiltrate computer systems, often through suspicious downloads, emails, or websites. The actor initiates the attack by sending an email to a specific address with a unique system identifier as the subject and a file path for the Cannon Trojan to save the secondary payload. The malware then logs into a secondary email account via POP3S, searching for emails that match the unique system identifier. It opens the correct email, saves a particular attachment, decodes hexadecimal data within the message to obtain a secondary email account, and acknowledges receipt of this secondary email address by sending a confirmation email from one of three accounts.

The Cannon's operations are not intercepted by China's Great Firewall, but they are potentially influenced by another system known as the Great Cannon (GC). This system employs an adversary-in-the-middle approach, altering packets en route to their destination.

Meanwhile, advancements in AI technology such as AI translation software, AI-generated narration for videos, chatbots like ChatGPT, and generative AI overall could provide adversaries with an essentially limitless supply of digital cannon fodder, as suggested by a report from the Atlantic Council’s Digital Forensic Research Lab.

In the physical realm, "cannon" has been used to describe various incidents, including those involving conflicts between China and the Philippines over disputed territories in the South China Sea. In these instances, Chinese vessels have reportedly fired water cannons at Philippine vessels during resupply missions. Meanwhile, on the domestic front, Kevin McCarthy's alleged interference in the leadership of the Intelligence Committee has led some to question whether the committee will become "cannon fodder" for his political maneuvering.
Description last updated: 2024-04-29T20:15:45.578Z
Aliases: We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
China
Source Document References
Information about the Cannon Malware was read from the documents corpus below.
| Source | Created |
| --- | --- |
| DARKReading | 6 months ago |
| CERT-EU | 8 months ago |
| CERT-EU | 10 months ago |
| Unit42 | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| MITRE | 2 years ago |
| MITRE | 2 years ago |
| MITRE | 2 years ago |
| MITRE | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |