ABCDoor backdoor activity in Silver Fox attacks
Malware Activity
Summary
Hide ▲
Show ▼
The newly identified ABCDoor backdoor is being used in real-world attacks by Silver Fox, expanding the group's malware set and increasing the risk of covert remote access. It has been active since at least late 2024 and continued into Q1 2025 and beyond. The malware supports persistence, C2 over HTTPS, and stealthy remote interaction, including screen streaming and input control. Its use alongside established payloads shows an ongoing malware operation rather than a one-off discovery.
Related Happenings
Showboat Linux post-exploitation backdoor framework
Malware Activity
First: 21.05.2026 17:17
Last: 21.05.2026 17:17
Sources 1
About this happening:
The **Showboat** Linux malware has been identified as a **modular post-exploitation framework** used since **at least mid-2022**, raising the risk of persistent access on compromi...
Showboat Linux post-exploitation backdoor framework
Malware ActivityAbout this happening: The **Showboat** Linux malware has been identified as a **modular post-exploitation framework** used since **at least mid-2022**, raising the risk of persistent access on compromi...
Open-OSS/privacy-filter Hugging Face infostealer activity
Malware Activity
First: 11.05.2026 10:05
Last: 11.05.2026 10:05
Sources 1
About this happening:
A malicious **Hugging Face repository** called **Open-OSS/privacy-filter** impersonated **OpenAI's Privacy Filter** and delivered a **Rust-based information stealer** to **Windows...
Open-OSS/privacy-filter Hugging Face infostealer activity
Malware ActivityAbout this happening: A malicious **Hugging Face repository** called **Open-OSS/privacy-filter** impersonated **OpenAI's Privacy Filter** and delivered a **Rust-based information stealer** to **Windows...
ClockRemoval.ps1 antivirus-disabling malware activity linked to Dragon Boss Solutions LLC
Malware Activity
First: 15.04.2026 17:40
Last: 15.04.2026 17:40
Sources 1
About this happening:
A signed software operation linked to **Dragon Boss Solutions LLC** was observed using **ClockRemoval.ps1** to disable antivirus on **more than 23,000 endpoints worldwide**, raisi...
ClockRemoval.ps1 antivirus-disabling malware activity linked to Dragon Boss Solutions LLC
Malware ActivityAbout this happening: A signed software operation linked to **Dragon Boss Solutions LLC** was observed using **ClockRemoval.ps1** to disable antivirus on **more than 23,000 endpoints worldwide**, raisi...
JanelaRAT malware activity targeting Latin American banks
Malware Activity
First: 13.04.2026 20:15
Last: 13.04.2026 20:15
Sources 1
About this happening:
**JanelaRAT** continues targeting **Latin American banks and financial institutions**, with telemetry showing **14,739 attacks in Brazil** in **2025** and **11,695 in Mexico**, ra...
JanelaRAT malware activity targeting Latin American banks
Malware ActivityAbout this happening: **JanelaRAT** continues targeting **Latin American banks and financial institutions**, with telemetry showing **14,739 attacks in Brazil** in **2025** and **11,695 in Mexico**, ra...
Dindoor backdoor activity in MuddyWater operations
Malware Activity
First: 06.03.2026 17:15
Last: 06.03.2026 17:15
Sources 1
About this happening:
Researchers identified **Dindoor**, a previously unknown backdoor, on targeted networks tied to **MuddyWater**, showing the group was using a new intrusion toolset. The malware ap...
Dindoor backdoor activity in MuddyWater operations
Malware ActivityAbout this happening: Researchers identified **Dindoor**, a previously unknown backdoor, on targeted networks tied to **MuddyWater**, showing the group was using a new intrusion toolset. The malware ap...
Timeline
-
04.05.2026 14:35 2 articles · 23d ago
ABCDoor backdoor activity in Silver Fox attacks
Initial DisclosureThe first stage used **tax-themed phishing emails** and archive-based lures to trigger malware delivery. Those initial messages led to loader execution and the deployment of backdoor payloads.
Show sources
- Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia — www.darkreading.com — 04.05.2026 14:35
- Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia — www.darkreading.com — 04.05.2026 14:35