Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Epoxydude via Getty

A well-known cyber crime group launched new malware that may signal that they — and possibly other groups as well — are moving towards stealth, reconnaissance and agility, according to Proofpoint, the firm that discovered the new "Marap" malware.

What's a Marap? Marap was created by the same group responsible for the widespread banking credential harvester Dridex and the ransomware Locky. It's designed to download other programs — the first stage of an attack.

Marap is stealthy, even among downloaders. Kevin Epstein, vice president of Proofpoint's threat operation center, explains: Marap is loaded up with tools to evade security tools and analysis and appears to be designed to lay mostly dormant while the hackers decide what they want to do.

What they're saying: "We don't see many things this stealthed and quiet," said Epstein, even among other downloaders.

The strategy: Epstein contrasts Marap with other downloaders that might come bundled with other functions or immediately start a download of a more feature rich malicious program. Instead, Marap sends a very small package of information about the computer it infected back to its developers and awaits further instructions.

If Marap is the first stage in an attack, Proofpoint has yet to see stage two. They have not seen Marap execute instructions to start downloading anything.

  • Epstein said the firm believes that the delay is to use the information about its victims to determine the most lucrative next step, whether that's setting up long-term shop in a server with valuable data or installing a cryptocurrency mining program in a more mundane system.

Why it matters: The firm thinks this might signal a change in how attackers approach their craft, from a period of quick hit criminal moves to more deliberate action.

"You don't switch from stick-ups to heists if the stick-ups still get all the money you want," explained Epstein.

The criminal group behind Marap, sometimes refered to as TA505, is known for distributing its malware over the Necurs botnet, which has changed its main focus in recent days.

Go deeper

7 hours ago - World

Biden seeks to reboot U.S. sanctions policy

Sanctions increased under Obama and dramatically under Trump. Photo: Tom Williams/CQ Roll Call

The Biden administration is rethinking the U.S. approach to sanctions after four years of Donald Trump imposing and escalating them.

The big picture: Sanctions are among the most powerful tools the U.S. has to influence its adversaries’ behavior without using force. But they frequently fail to bring down regimes or moderate their behavior, and they can increase the suffering of civilians and resentment of the U.S.

7 hours ago - World

Merkel's farewell spoiled by Poland crisis at EU summit

One last awkward EU "family photo." Photo: John Thys/AFP via Getty Images

Angela Merkel took up her vaunted mantle as Europe's crisis manager for what could be the last time tonight, as she urged the EU to find compromise in its showdown with Poland.

Why it matters: The European Commission has threatened to withhold over $40 billion in pandemic recovery funds after Poland's constitutional tribunal — stacked with loyalists from the ruling right-wing populist party — rejected the principle that EU law has primacy over national law.

Republicans who put it all on the line

Rep. Nancy Mace speaks with reporters after voting to hold Steve Bannon in contempt of Congress. Photo: Anna Moneymaker/Getty Images

A small contingent of House Republicans risked their political futures on Thursday, they say, in the name of constitutional responsibility.

Why it matters: The nine Republicans who voted to hold former Trump aide Steve Bannon in contempt of Congress are now in peril of becoming political pariahs. They've opened themselves up to potential primary challengers and public attacks from their party's kingmaker — former President Trump.