Janicab

Malware Profile Updated 3 months ago
Janicab is a malicious software (malware) that has been utilized by the hack-for-hire group known as Deathstalker. This malware, which can infiltrate systems through suspicious downloads, emails, or websites, has the potential to steal personal information, disrupt operations, and even hold data hostage for ransom. The discovery of Janicab was announced by F-Secure, who identified it as a new trojan. Throughout 2020, and possibly into 2021, the Deathstalker group exploited a new variant of Janicab to target legal entities in the Middle East. This variant was uncovered by Kaspersky while investigating less common Deathstalker intrusions. Notably, this variant was used repeatedly in different campaigns, indicating its effectiveness and adaptability. Despite the threat posed by Janicab, it remains undetected by most anti-virus software and can bypass the built-in defenses of Mac OS X, especially if the user is unobservant or lacks technical savvy. This makes Janicab a significant cybersecurity concern, particularly for legal entities operating in the Middle East, and underscores the need for robust, updated security measures to mitigate such threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Trojan
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Janicab Malware was read from the documents corpus below.
| Source | Created At | Title |
| --- | --- | --- |
| MITRE | a year ago | The Spring Dragon APT |
| MITRE | a year ago | The Safe Mac » New signed malware called Janicab |
| MITRE | a year ago | Project TajMahal – a sophisticated new APT framework \| Securelist |
| MITRE | a year ago | Minidionis – one more APT with a usage of cloud drives |
| Securelist | a year ago | How business works on the dark web: security of deals and regulatory mechanisms |
| CERT-EU | a year ago | Hack-for-Hire Groups Provide Corporate Espionage |