Janicab

Malware Profile Updated 25 days ago
Download STIX
Preview STIX
Janicab is a malicious software (malware) that has been utilized by the hack-for-hire group known as Deathstalker. This malware, which can infiltrate systems through suspicious downloads, emails, or websites, has the potential to steal personal information, disrupt operations, and even hold data hostage for ransom. The discovery of Janicab was announced by F-Secure, who identified it as a new trojan. Throughout 2020, and possibly into 2021, the Deathstalker group exploited a new variant of Janicab to target legal entities in the Middle East. This variant was uncovered by Kaspersky while investigating less common Deathstalker intrusions. Notably, this variant was used repeatedly in different campaigns, indicating its effectiveness and adaptability. Despite the threat posed by Janicab, it remains undetected by most anti-virus software and can bypass the built-in defenses of Mac OS X, especially if the user is unobservant or lacks technical savvy. This makes Janicab a significant cybersecurity concern, particularly for legal entities operating in the Middle East, and underscores the need for robust, updated security measures to mitigate such threats.
What's your take? (Question 1 of 0)
392bd2f0-ca41-4711-8bda-3d9e14370c9f Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Janicab Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
The Safe Mac ยป New signed malware called Janicab
CERT-EU
a year ago
Hack-for-Hire Groups Provide Corporate Espionage
MITRE
a year ago
Minidionis โ€“ one more APT with a usage of cloud drives
MITRE
a year ago
The Spring Dragon APT
MITRE
a year ago
Project TajMahal โ€“ a sophisticated new APT framework | Securelist
Securelist
a year ago
How business works on the dark web: security of deals and regulatory mechanisms