The latest findings from BlackBerry demonstrate an evolution in the group's tactics, wherein a hard-coded Telegram channel is used to fetch the IP address of the server hosting the malware. The IP addresses are periodically rotated.
Support the originator by clicking the read the rest link below.