CovalentStealer Used in Attack on US Defense Entity

us defense computers

CovalentStealer is the name of a malicious tool used for data exfiltration. CovalentStealer was used in an attack on an entity operating in the US defense industrial base sector that was detailed only recently, despite taking place months ago.

CovalentStealer was just one of the components of the multi-payload attack. The hackers behind the hit are believed to be advanced persistent threat actors.

CovalentStealer was used alongside a malicious toolkit called Impacket. Impacket was the malware used to originally compromise the target and establish a foothold on its systems. From that point on, CovalentStealer was used to exfiltrate sensitive information from the victim.

CovalentStealer was used to steal files stored on file shares and funnel them onto a cloud folder set up using Microsoft OneDrive and run by the hackers.

According to the investigations into the attack conducted by the CISA and the FBI, the APTs behind the attack likely stayed hidden on the compromised systems for a long time before putting their data theft operation into full gear.

By Zaib
October 10, 2022
Malware
English
October 10, 2022
Malware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Malware

TEARDROP Malware

The TEARDROP Malware is identified as a basic Trojan Dropper, which was used by the cybercriminals behind the recent supply-chain attack linked to the SolarWinds software vendor. This campaign involved the use of a... Read more

April 26, 2021
Malware

Remove VaporRage Malware

Nobelium, or APT29, is a cybercrime organization believed to operate from Russia. They gained popularity in the beginning of 2021 because of their attack against the SolarWinds software vendor. For this campaign, the... Read more

June 1, 2021
Malware

Moserpass Malware Spread Through Supply-chain Attack Involving Popular Password Manager

Supply-chain attack campaigns are one of the most difficult and dangerous methods that cybercriminals use to propagate malware. These attacks are executed by compromising a legitimate software vendor's network, and... Read more

April 28, 2021
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.