{"id":37941,"date":"2020-10-30T18:30:11","date_gmt":"2020-10-30T18:30:11","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/the-russians-are-at-it-again-zebrocy-backdoor-malware-is-evolving-uncle-sam-warns-close-to-eve-of-presidential-election\/"},"modified":"2020-10-30T18:30:11","modified_gmt":"2020-10-30T18:30:11","slug":"the-russians-are-at-it-again-zebrocy-backdoor-malware-is-evolving-uncle-sam-warns-close-to-eve-of-presidential-election","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/the-russians-are-at-it-again-zebrocy-backdoor-malware-is-evolving-uncle-sam-warns-close-to-eve-of-presidential-election\/","title":{"rendered":"The Russians are at it again: Zebrocy backdoor malware is evolving, Uncle Sam warns close to eve of presidential election"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2016\/10\/20\/shutterstock_russian_hackers.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The US government, in full pre-presidential election high alert, has issued a warning about an evolved strain of backdoor malware from a Russian offensive cyber unit.<\/p>\n<p>The Zebrocy backdoor, warned the CISA infosec agency, has evolved \u2013 and while the agency didn&#8217;t explicitly link it to Russia, previous research from the private sector made it abundantly clear who the malware&#8217;s operators are.<\/p>\n<p>&#8220;Two Windows executables identified as a new variant of the Zebrocy backdoor were submitted for analysis. 
The file is designed to allow a remote operator to perform various functions on the compromised system,&#8221; said the CISA in an <a target=\"_blank\" href=\"https:\/\/us-cert.cisa.gov\/ncas\/analysis-reports\/ar20-303b\" rel=\"noopener noreferrer\">advisory<\/a> published overnight.<\/p>\n<p>The EXEs spotted doing the rounds are &#8220;designed to encrypt future communication&#8221; using AES-128 and could be used by malicious people, such as Russia&#8217;s GRU spy agency, for purposes including file enumeration, screenshotting and creating scheduled tasks for achieving persistence on a target system or network.<\/p>\n<p>ESET researcher Alexis Dorais-Joncas told <i>The Register<\/i>: &#8220;The CISA warning is a good and accurate summary of the malware&#8217;s capabilities attributed to the Zebrocy toolset. The two files mentioned in the advisory were used in attacks that took place in summer 2019 against usual targets in Eastern European and Central Asian countries.&#8221;<\/p>\n<p>In its latest threat intel report ESET said Zebrocy&#8217;s operators &#8220;took inspiration&#8221; from a NATO event to devise a new lure for &#8220;one of their downloaders written in [the programming language] Nim&#8221;. It added: &#8220;This campaign is similar to their usual modus operandi, a phishing email with an archive attached. 
Luring the victim to expect a benign document, the attackers provide an executable with a PDF icon, but which is actually a malicious downloader leading to a potential backdoor as the final stage.&#8221;<\/p>\n<p>Previous ESET research, published in September <a target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/2019\/09\/24\/no-summer-vacations-zebrocy\/\" rel=\"noopener noreferrer\">last year<\/a>, on the Kremlin-backed APT28 hacking crew, more precisely identified by the British and US governments as <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/10\/19\/russians_charged_olympics\/\" rel=\"noopener noreferrer\">including GRU unit 74455<\/a>, went into detail about Zebrocy&#8217;s lures and functionality.<\/p>\n<p>Despite numerous government-level attribution campaigns, Russian state-backed hackers simply won&#8217;t stop. While <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/10\/19\/russians_charged_olympics\/\" rel=\"noopener noreferrer\">criminal charges have been laid against some individuals<\/a>, the deterrent effect appears to be minimal \u2013 meaning this won&#8217;t be the last public warning about the crew&#8217;s activities. 
\u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2020\/10\/30\/zebrocy_warning_us_cisa\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yep, it&#8217;s the artists occasionally known as APT28 The US government, in full pre-presidential election high alert, has issued a warning about an evolved strain of backdoor malware from a Russian offensive cyber unit.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":37942,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-37941","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37941","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=37941"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37941\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/37942"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=37941"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=37941"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=37941"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}