Malwarebytes experts have named the new APT group Red Stinger. The group carried out espionage operations against Ukraine, specifically targeting KRITIS areas.
Malwarebytes' threat intelligence team has released investigations into a new Advanced Persistent Threat (APT) group Red Stinger, which has been conducting espionage operations in Ukraine, some of which aimed to monitor government organizations.
Attacks on Ukraine-KRITIS
Malwarebytes' investigations began as early as September 2022. Overall, attacks by the APT group were identified from the end of 2020. The newly discovered APT group is targeting facilities in the Russian-Ukrainian conflict region.
Targets include critical infrastructure, military, transportation and government organizations, including officials and individuals involved in the September 2022 referendums in eastern Ukraine. The attacks were primarily about espionage and data gathering.
The group does not only target units linked to Ukraine. Institutions allied with Russia were also among the victims. The group has been active since 2020 - and has therefore stayed under the radar for at least three years. Among other things, the attackers managed to exfiltrate screenshots, USB drives, keystrokes and microphone recordings. Based on the scripts used by the attackers, Malwarebytes believes this is an APT group never seen before.
More information on the discovered APT cyber operations can be found in a Malwarebytes blog post. The blog provides details about the attacks and targets, schedules, data exfiltrated, and scripts used by the attackers.
More at Malwarebytes.com
Do you have a moment?
Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.
Here you go directly to the survey
Via Malwarebytes Malwarebytes protects home users and businesses from dangerous threats, ransomware and exploits that are undetected by antivirus programs. Malwarebytes completely replaces other antivirus solutions in order to avert modern cybersecurity threats for private users and companies. More than 60.000 companies and millions of users trust Malwarebyte's innovative machine learning solutions and its security researchers to avert emerging threats and eliminate malware that antiquated security solutions fail to detect. You can find more information at www.malwarebytes.com.