Verticals Targeted: Insurance, Aerospace, Transportation, Education, Finance, Technology, Healthcare, Automotive, Hospitality, Energy, Government, Media, Manufacturing, Telecommunications
Related Families: Dtrack, Dora RAT, TigerRAT, SmallTiger, LightHand, ValidAlpha
Verticals Targeted: Military, Defense, Engineering, Technology, Education, Construction, Manufacturing, Gambling, Energy
Executive Summary
Last week, the US Department of Justice (DOJ) indicted Rim Jong Hyok, an individual allegedly affiliated with Silent Chollima. The group has been active since at least 2014 and is known to conduct espionage operations on behalf of North Korea.
Related Families: Macma, Suzafk
Verticals Targeted: NGO
Executive Summary
Evasive Panda recently updated its arsenal to include new TTPs and updated versions of existing malware. They were also observed using a shared framework for malware targeting Windows, Linux, MacOS, and Android systems.
Executive Summary
Pakistan-based threat actor group Mythic Leopard was recently observed using new CapraRAT samples to expand their targeting.
Verticals Targeted: Government
Executive Summary
DISGOMOJI is a RAT controlled via emojis sent over Discord. It was recently observed targeting government entities in India.
Related Families: GoBear, Troll Stealer, BetaSeed, Endor
Verticals Targeted: Government
Executive Summary
North Korea nexus threat actor group Velvet Chollima was observed using a new Linux backdoor, dubbed Gomir, to target entities in South Korea.
Related Families: OCEANMAP, MASEPIE, STEELHOOK
Verticals Targeted: Government
Executive Summary
Fancy Bear was recently observed engaging in a phishing campaign targeting entities in Ukraine. In the campaign, the threat actors used three never before seen malware families, OCEANMAP, MASEPIE, and STEELHOOK.
Related Families: Mandibule, Cobalt Strike, Trochilus, RedLeaves
Verticals Targeted: Government