Kaspersky Lab Discovered A SessionManager Backdoor That Hackers Used To Spy On Government Agencies Around The World

Kaspersky Lab security experts discovered malicious malware that spied on the official websites of many government bodies and non-profit organizations throughout the world.

According to the press release, the hidden SessionManager backdoor is present on 34 servers in 24 companies. The software is embedded into computers remotely as a module for Microsoft IIS, which includes the Exchange mail server. Attackers exploit the ProxyLogon vulnerability to spread SessionManager and other malicious IIS modules.

It is noted that this SessionManager backdoor, among other things, allows hackers to read corporate mail, distribute malware and remotely control infected government servers.

According to Kaspersky Lab, the first attacks using the SessionManager backdoor were recorded at the end of March 2021. The victims are predominantly NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

Kaspersky Lab solutions successfully detect the SessionManager and aid in the prevention of future intrusions utilizing this backdoor.

Bhasker Das
Bhasker Das
Bhasker Das, with a master's in Cybersecurity, is a seasoned editor focusing on online security, privacy, and protection. When not decrypting the complexities of the cyber world, Anu indulges in his passion for chess, seeing parallels in strategy and foresight.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream