Cyberspies linked to Memento ransomware use new PowerShell malware

An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called PowerLess and developed using PowerShell. The threat group also used the previously unknown malware to deploy additional modules, including info stealers and keyloggers, according to a report published today by the Cybereason Nocturnus Team. The PowerLess backdoor features encrypted command-and-control communication channels, and it allows executing commands and killing running processes on compromised systems.

Read more about it here.