A cyber espionage campaign targeting organizations in Russian-occupied regions of Ukraine is using novel malware to steal data, according to Russia-based infosec software vendor Kaspersky.
In a report published Tuesday, Kaspersky researchers detailed the infections, which use a PowerShell-based backdoor they’ve named “PowerMagic” and a previously unknown framework dubbed “CommonMagic” that can steal files from USB devices, take screenshots every three seconds, and send all of this data back to the attacker.