CyberScoop reports that the Metador threat group has only been recently discovered by SentinelOne's SentinelLabs researchers despite being active for at least two years already. Middle East- and Africa-based telecommunications and internet service providers, as well as universities, have been commonly targeted by Metador, which has been leveraging two Windows malware platform variants, as well as a Linux implant, noted researchers. While Metador could not be reliably attributed to any threat actor, SentinelLabs identified that Spanish has been used in the code of one of the group's malware platform variants dubbed "Mafalda," which was a popular Argentine cartoon character. Mafalda's code was also found to have a lyric from The Sisters of Mercy's song "Ribbons." "We consider the discovery of Metador akin to a shark fin breaching the surface of the water. It's a cause for foreboding that substantiates the need for the security industry to proactively engineer towards detecting the true upper crust of threat actors that currently traverse networks with impunity," said researchers.