CERT-UA cybersecurity experts: "Free primary legal aid" email and password protected "Algorithm of actions of members of the family of a missing serviceman LegalAid.rar" spread the malware.
Cleafy cybersecurity experts: Threat actors behind the malware now target a specific financial institution at a time, and change their focus only once the victim starts to implement countermeasures.
Sentinel Labs cybersecurity experts: The the pro-China APT seeks initial access via document lures with porn themes and makes heavy use of USB shortcut techniques to spread malware.
Stairwell cybersecurity experts: The new North Korea’s malware spread via messages sent from the personal email of a former director of South Korea’s National Intelligence Service (NIS).
The North Korea’s APT uses spear phishing emails to cryptocurrency firm employees that mimic recruitments for high-paying jobs: Goal: to download the malware.
DoE, CISA, NSA and FBI cybersecurity experts from: They have developed custom tools that attack Schneider Electric and OMRON Sysmac NEX PLCs, and OPC-UA.
Symantec cybersecurity experts: The China-linked APT used unpatched vulnerabilities in Microsoft Exchange, the Sodamaster backdoor and other custom malware and tools.
Lab52 cybersecurity researchers: The App steals information from mobile devices and sends it to a server in Russia. It looks like Turla's work, but there is no confirmation.