Spyware
Credential Stealer
Keylogging
Unam is a spyware that acts as a credential stealer and keylogger. It records keystrokes and steals sensitive info like usernames and passwords from infected systems. This info is then sent to command-and-control (C2) servers run by the attackers. Unam is stealthy so it can run undetected and is a risk to individuals and organizations.
Unam uses a network of C2 servers to manage infected machines and exfiltrate stolen data. These servers act as a middleman between the malware and the attackers, allowing remote control and data retrieval.
Data Exfiltration Methods
Once Unam is inside a system, it uses keylogging to record user keystrokes, stealing sensitive info like login credentials and personal messages. This data is then sent to the C2 servers for attacker access. Since Unam is silent, users may not know they are breached until they see unauthorized activity.
Detection and Reporting
Researchers have been tracking Unam. Platforms like Hunt.io have documented IOCs associated with Unam, including IP addresses and domains used. This helps to identify and contain the threat.
Update and patch software to fix vulnerabilities.
Use reputable antivirus and anti-malware to detect and remove threats.
Monitor network traffic for suspicious activity that may be C2 traffic.
Educate users on safe computing habits to prevent malware infection.
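The IOC tracking and network monitoring described above can be combined into a simple log sweep. The following is an added example, not code from Hunt.io or from the original page: the indicators are constructed placeholders (documentation IP ranges and reserved domains, not real Unam IOCs), and the three-column log format and function names are assumptions. It handles IPv4 indicators and hostnames.

```python
import ipaddress
import re

# Constructed placeholder indicators, NOT real Unam IOCs. Feeds often publish
# indicators "defanged" (hxxp, [.]) so they are not clickable.
IOC_FEED = ["203.0.113.45", "198.51.100.0/28", "c2-panel[.]example",
            "hxxp://updates.invalid-cdn[.]test/gate"]

# Constructed sample connection log: timestamp, internal source, destination.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 10.0.0.12 intranet.corp.example.org
2024-05-01T10:00:07Z 10.0.0.31 203.0.113.45
2024-05-01T10:01:15Z 10.0.0.31 api.c2-panel.example
2024-05-01T10:02:40Z 10.0.0.18 notc2-panel.example
2024-05-01T10:03:02Z 10.0.0.44 198.51.100.9
2024-05-01T10:03:30Z 10.0.0.44 198.51.100.77
"""

def load_iocs(feed):
    """Refang indicators and split them into IP networks and domain names."""
    networks, domains = [], set()
    for raw in feed:
        v = raw.strip().lower().replace("[.]", ".")
        v = re.sub(r"^h(xx|tt)ps?://", "", v)           # drop (defanged) scheme
        host = v.split("/", 1)[0].split(":", 1)[0]       # drop path and port
        for candidate in (v, host):                      # CIDR first, then bare host
            try:
                networks.append(ipaddress.ip_network(candidate, strict=False))
                break
            except ValueError:
                continue
        else:
            domains.add(host.rstrip("."))
    return networks, domains

def match(dest, networks, domains):
    """Return the indicator that dest (IP or hostname) matches, or None."""
    d = dest.strip().lower().rstrip(".")
    try:
        ip = ipaddress.ip_address(d)
    except ValueError:
        labels = d.split(".")   # compare whole labels so lookalike names do not match
        parents = (".".join(labels[i:]) for i in range(len(labels) - 1))
        return next((p for p in parents if p in domains), None)
    return next((str(n) for n in networks if ip in n), None)

def scan(log_text, feed=IOC_FEED):
    """Return (timestamp, source, destination, indicator) for every matching line."""
    networks, domains = load_iocs(feed)
    rows = (line.split() for line in log_text.splitlines())
    hits = [(*r, match(r[2], networks, domains)) for r in rows if len(r) == 3]
    return [h for h in hits if h[3]]
```

Matching on whole domain labels flags subdomains of a listed domain while leaving unrelated hosts that merely end in the same string alone, which keeps false positives down when the sweep runs over proxy or DNS logs.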