Ultimatum from the hacktivists to TMC: Restore Internet to the population immediately, otherwise we will destroy the country's cyber infrastructure.
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows a Matryoshka structure of chained SFX archives, typical of APT implants, and the use of a legitimate third-party RAT as payload.
Bleeping Computer: The ransomware authors, who also hit Italy, announced the end of operations thanks to huge profits. Malware distribution will be stopped within 20 days.
Palo Alto cyber security experts: The APT exploited a recently patched remote code execution vulnerability to upload a variety of tools, from Mimikatz to HyperBro.
The cyber security experts of Wordfence and the developers, however, fixed it before publishing the news. Users have to upgrade to version 3.4.3 ASAP to avoid cybercrime attacks.
Yoroi-Cybaze cyber security experts noticed a suspicious attack on an organization with a spear-phishing email and an RMS used as a RAT. The target is not linked to the Banking-Retail sectors.
EnSilo cyber security experts: We detected new activity in Southeast Asia that exploited previously unknown loader variants and malware that is unique to the threat actor.
Tokyo wants to prevent technology theft or damage to defense output and its technological foundation, especially by state-sponsored actors.
Cisco Talos cyber security experts: It features several changes and improvements to control where the malware can spread and avoid analysis by sandboxes and antivirus.
Yoroi-Cybaze cyber security experts: They are “The Broken Doc”, “Hide Payload with Office Developer Mode”, and “Spoofed Signature” or “Certificate Spoofing”.