December 3, 2023

US Cyber Command has exposed eight new malware samples that were developed and deployed by Russian hackers in recent attacks.

Six of the eight samples are for the ComRAT malware (used by the Turla hacking group), while the other two are samples for the Zebrocy malware (used by the APT28 hacking group).

Having evolved from the old Agent.BTZ malware.Both Turla and APT28 have consistently updated both tools to add evasion techniques and keep their malware undetected.

CISA & Federal Bureau of Investigation’s CyWatch, published two security advisories describing ComRAT and Zebrocy’s inner workings.Both have been formally linked to the Russian government’s cyber-espionage units.

Attribution for both ComRAT and Zebrocy has always been done in an informal manner in reports published by privately-owned security vendors, but never in advisories published by government agencies.

Victims of both malware have been identified in Eastern Europe and Central Asia, US Cyber Command said.

The joint US government advisory was published on Halloween. US cyber-security agencies have recently made it a habit to expose malware operations on well-known holidays as a way to send greetings to foreign threat actors.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2023

December 2, 2023

Staples affected by a Cyber Attack

December 2, 2023

CISA KEV Update Part I – December 2023

December 1, 2023 2

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023
%d bloggers like this: