February 09, 2022  —  Eric Swotinsky
Incident reports

Molerats APT group returns with NimbleMamba trojan

A newly discovered trojan named NimbleMamba is suspected to originate from the Molerats threat group, which has been lying quiet for some time.

In keeping with Molerats' standard practices, NimbleMamba has been seen spreading to its victims through spear-phishing emails. NimbleMamba is thought to be the replacement for the group's LastConn backdoor. It uses geofencing to ensure the victim is in the target region, and uses a Dropbox API for data exfiltration and command-and-control operations.

Acronis Cyber Protect uses advanced behavioral detection to identify and block even the newest cyberthreats, like NimbleMamba, before adversaries can get a foothold on your systems.