Cannon is a type of malware that hackers sneak into a target computer and use to take screenshots of the infected computer’s homepage. The software then uses email to send the image back to the hacker and receive new instructions. It’s like a spy camera on a computer that can transmit pictures home, apparently to Russia.
Palo Alto Networks believes that the hacker behind Cannon is a group that has ended with an intelligence officer and is part of the Russian military spy agency GRU. Sometimes referred to as Fancy Bear, hacker organisations have also been accused of hacking the Democratic National Committee in 2016. Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks, said hacking tools use email to send information to accounts that hackers can access, both smart and novel.
Less than a week after Russian hackers pretending to be phishing emails from think-how, corporate and government agencies, Palo Alto Networks discovered the hacking tool called Cannon, when two other cybersecurity companies told Reuters. But they did not disclose the role of hackers in the attack, nor did they provide more information about specific target countries.