Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims’ IT environments after initial infiltration, utilizing capabilities such as executing Windows commands, stealing files, collecting cloud service account info, and downloading additional malware onto victims’ systems. Then the malicious code self-deletes, according to Palo Alto Networks’ Unit 42 threat hunters, which spotted the new penetration testing tool hiding in several of its customers’ systems.

Source: The Register