Trend Micro brings attention back to Pawn Storm, a persistent actor focused on high-value strategic targets. In this new campaign, the group deploys PRISMEX, a malware designed to operate stealthily in complex environments while maintaining long-term access without raising early suspicions.
One of the most notable aspects of the report is its multi-platform support: PRISMEX can run on Linux, macOS, and Windows, allowing it to adapt to heterogeneous infrastructures typical of governments and critical sectors. This operational flexibility suggests advanced preparation and a clear intention to maximize exposure surfaces.
Beyond technical details, the campaign reinforces a trend that has become increasingly evident but is no longer new: advanced actors are not seeking volume, but impact. Attacking critical infrastructure and public entities implies geopolitical, operational, and strategic value that transcends traditional cybercrime.
In this context, PRISMEX is not just another piece of malware; it is part of a broader strategy focused on infiltration, persistence, and potential long-term exploitation.