In May 2014 FireEye[1] and CrowdStrike[2] produced reports about the activities of “Flying Kitten”, otherwise known as the Ajax Security Team.
In July 2014 NCC Group’s Cyber Defence Operations team encountered several executables in our malware zoo that appear to be updated versions of the “Stealer” malware described by FireEye in their report. We refer to this version as “Sayad”, which means “hunter” in Farsi, due to the presence of this string in the executables. Functionality remains consistent with older versions, with the addition of new communication modules, including the ability to exfiltrate data using HTTP POST requests.
In this blog post we discuss some of the key features of this malware.
More here: https://www.nccgroup.com/en/blog/2014/07/a-new-flying-kitten/