Kaspersky Lab Discovered A SessionManager Backdoor That Hackers Used To Spy On Government Agencies Around The World

Kaspersky Lab security experts discovered malicious malware that spied on the official websites of many government bodies and non-profit organizations throughout the world.

According to the press release, the hidden SessionManager backdoor is present on 34 servers in 24 companies. The software is embedded into computers remotely as a module for Microsoft IIS, which includes the Exchange mail server. Attackers exploit the ProxyLogon vulnerability to spread SessionManager and other malicious IIS modules.

It is noted that this SessionManager backdoor, among other things, allows hackers to read corporate mail, distribute malware and remotely control infected government servers.

According to Kaspersky Lab, the first attacks using the SessionManager backdoor were recorded at the end of March 2021. The victims are predominantly NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

Kaspersky Lab solutions successfully detect the SessionManager and aid in the prevention of future intrusions utilizing this backdoor.

Bhasker Dev
Bhasker Dev
Bhasker is our SEO Analyst and manages whole promotion. He is responsible for our website's visibility in all online social platform and search engines. He is also a freelance content creator who posts articles related to cybersecurity.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream