0
Please log in or register to do it.

The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises.

Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s formal exit from Russia earlier this year.

Cloud Atlas, active since at least 2014, is a cyber espionage group of unknown origin. Also called Clean Ursa, Inception, Oxygen, and Red October, the threat actor is known for its persistent campaigns targeting Russia, Belarus, Azerbaijan, Turkey, and Slovenia.

In December 2022, Check Point and Positive Technologies detailed multi-stage attack sequences that led to the deployment of a PowerShell-based backdoor referred to as PowerShower as well as DLL payloads capable of communicating with an actor-controlled server.

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies
Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft

Your email address will not be published. Required fields are marked *