Cybersecurity

Phishing Attacks Targeting Political Parties, Germany Warns

Fraud Management & Cybercrime, Social Engineering

Escalation of Cyberespionage Likely Tied to Upcoming European Elections

Akshaya Asokan (asokan_akshaya) • April 4, 2024

German agencies including the Federal Office for Information Security warned about an uptick in phishing emails targeting political parties. (Image: Shutterstock)

German federal agencies warned that phishing attacks targeting political […]

Evasive Panda leverages Monlam Festival to target Tibetans

ESET researchers discovered a cyberespionage campaign that, since at least September 2023, has been victimizing Tibetans through a targeted watering hole (also known as a strategic web compromise), and a supply-chain compromise to deliver trojanized installers of Tibetan language translation software. The attackers aimed to deploy malicious downloaders for Windows and macOS to compromise website […]

XDSpy hackers attack military-industrial companies in Russia

A cyberespionage group known as XDSpy recently targeted Russian military-industrial enterprises, according to new research. XDSpy is believed to be a state-controlled threat actor, active since 2011, that primarily attacks countries in Eastern Europe and the Balkans. In its latest campaign in November, hackers attempted to gain access to the systems of a Russian metallurgical […]

Cyber-espionage operation on embassies linked to Russia’s Cozy Bear hackers

Russian state-sponsored hackers have targeted embassies and international organizations in a recent cyber-espionage campaign, Ukrainian government cybersecurity researchers have found. The attacks were attributed to the infamous hacker group labeled APT29, also known as Cozy Bear or Blue Bravo. Analysts previously have linked it to Russia’s Foreign Intelligence Service (SVR), which gathers political and economic […]

China-Linked Stayin Alive Campaign Targets Telecom and Government Entities | Cyware Hacker News

Researchers have uncovered a new cyberespionage campaign targeting the telecommunications industry and government organizations across Kazakhstan, Uzbekistan, Pakistan, and Vietnam. The campaign, named Stayin Alive, has been active since 2021 and is possibly the work of a Chinese threat actor called ToddyCat.

Infection process

The campaign employs spear-phishing emails and DLL side-loading to deliver archive […]

Sandman APT Brings LuaDream, Targets Telcos in Middle East | Cyware Hacker News

Researchers at SentinelOne have noticed a potential cyberespionage group, whose origins are unclear (as of now), that employed modular backdoors and covert techniques to target telecommunication firms in the Middle East, Western Europe, and South Asia. This group, labeled Sandman APT, utilizes a new backdoor named LuaJIT, which is a just-in-time compiler for the Lua […]

New Modular Deadglyph Backdoor Used in a Government Attack | Cyware Hacker News

A novel and sophisticated backdoor malware named Deadglyph was seen in use in a cyberespionage campaign targeting a government agency in the Middle East. The malware is attributed to the Stealth Falcon hacking group, which is infamous for targeting activists, journalists, and dissidents.

Deadglyph infection method

While the exact delivery method is currently unknown, it is […]

Chinese APT Earth Lusca Adds SprySOCKs Backdoor to its Arsenal | Cyware Hacker News

A recently discovered Linux backdoor malware, named SprySOCKS, was observed in a cyberespionage campaign targeting government agencies in multiple countries. The campaign was attributed to the Chinese hacking group Earth Lusca.

More about SprySOCKS

In the campaign, the attackers used a Linux variant of the ELF injector called mandibule to drop SprySOCKS. The backdoor employs […]

Iranian Threat Group Hits Thousands With Password Spray Campaign

An Iranian state-backed APT group carried out a “wave” of cyber-espionage attacks against thousands of global targets over a six-month period, Microsoft has revealed. The group known as Peach Sandstorm (aka APT33, Elfin, and Refined Kitten) used password spraying techniques between February and July 2023. This is a brute-force technique where threat actors try to […]