Threat Management, Threat Intelligence, Malware

Delilah trojan seeks company weaknesses through insiders

Researchers spotted a trojan, dubbed Delilah, designed to target potential insiders via social engineering, extortion, and ransomware tactics.

The trojan infects users via downloads from popular adult and gaming sites and once installed, the bot gathers personal information from the victim, including data on their family and workplace, so that the victim can later be manipulated or extorted, according to a Gatrner blog citing Diskin Advanced Technologies (DAT).

The bot also comes with a social engineering plug that connects to webcam operations so the attacker can secretly film the victim, the blog said.

Researchers said Delilah is currently buggy and requires a high level of human involvement to identify and prioritize targets who can be extorted into operating as insiders at desirable target organizations.

The trojan is only shared among closed hacker groups and is not yet available on the common black market. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.