Security researchers have discovered a previously unknown cyberespionage group that targets various high-profile companies and local governments mostly in Asia, Middle East and Africa. The group goes by the name Worok.
According to ESET security researchers, Worok group uses undocumented tools to carry out targeted attacks against various entities from the telecommunications, banking, maritime, energy, military, government and public sectors.
“We believe the malware operators are after information from their victims because they focus on high-profile entities in Asia and Africa, targeting various sectors, both private and public, but with a specific emphasis on government entities”, said ESET researcher Thibaut Passilly, who discovered Worok, in a statement.
Worok develops its own tools and leverages existing tools to compromise its targets. The group has been observed to be active since at least 2020.
There seemed to have been a break in Worok’s activity between May 2021 to January 2022 but it targeted an energy company in Central Asia and a public sector entity in Southeast Asia as recently as February 2022.