June 11, 2023

US Cyber Command has exposed eight new malware samples that were developed and deployed by Russian hackers in recent attacks.

Six of the eight samples are for the ComRAT malware (used by the Turla hacking group), while the other two are samples for the Zebrocy malware (used by the APT28 hacking group).

Having evolved from the old Agent.BTZ malware.Both Turla and APT28 have consistently updated both tools to add evasion techniques and keep their malware undetected.

CISA & Federal Bureau of Investigation’s CyWatch, published two security advisories describing ComRAT and Zebrocy’s inner workings.Both have been formally linked to the Russian government’s cyber-espionage units.

Attribution for both ComRAT and Zebrocy has always been done in an informal manner in reports published by privately-owned security vendors, but never in advisories published by government agencies.

Victims of both malware have been identified in Eastern Europe and Central Asia, US Cyber Command said.

The joint US government advisory was published on Halloween. US cyber-security agencies have recently made it a habit to expose malware operations on well-known holidays as a way to send greetings to foreign threat actors.

Tags:

Leave a Reply

You may have missed

VMware Patches Vulnerabilities in Aria

VMware Patches Vulnerabilities in Aria

June 10, 2023
Fractureiser Malware Targets MineCraft

Fractureiser Malware Targets MineCraft

June 10, 2023
MoveIt New SQL Vulnerability ! Patch It

MoveIt New SQL Vulnerability ! Patch It

June 10, 2023
Japanese Pharma Eisai Victim of Ransomware Attack

Japanese Pharma Eisai Victim of Ransomware Attack

June 9, 2023
ACT Government Victim of Barracuda ESG Vulnerability

ACT Government Victim of Barracuda ESG Vulnerability

June 9, 2023
Anonymous Sudan Claims Responsible for Outlook Outages

Anonymous Sudan Claims Responsible for Outlook Outages

June 9, 2023
%d bloggers like this: