skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

New C++ Variant of BellaCiao Malware Discovered

/ 1 min read

🕵️‍♂️ Charming Kitten enhances malware capabilities with BellaCiao and BellaCPP. The BellaCiao malware family, attributed to the APT actor Charming Kitten, combines webshell persistence with covert tunneling and has evolved since its emergence in April 2023. Recent investigations revealed a new C++ variant, BellaCPP, which operates similarly to its .NET predecessor but lacks webshell functionality. Both variants utilize descriptive PDB paths that provide insights into their targets and versioning practices, indicating ongoing development. The discovery of BellaCPP underscores the need for comprehensive network investigations, as attackers may deploy undetected samples to maintain access even after known threats are removed. This evolution highlights the adaptive strategies employed by Charming Kitten in their cyber operations.

Source
{entry.data.source.title}
Original