Zero Day • 899 implied HN points • 26 Oct 23
- The StripedFly malware was initially thought to be a crypto miner but turned out to be a sophisticated spy platform that has infected over a million victims worldwide since 2017.
- One unique aspect of StripedFly is the custom-coded Tor client used for communication and data transfer, which shows the attackers' high level of skill and security consciousness.
- StripedFly includes a ransomware component named ThunderCrypt, raising questions about the intent behind including ransomware in an espionage tool and how it fits into the overall operation.