Ukraine War: CommonMagic APT campaign expands
Recent Kaspersky research shows that the threat actor behind the CommonMagic campaign is expanding its malicious activities, both regionally and from a technical perspective. According to them, the newly discovered framework 'CloudWizard' has extended its victimology to organizations in central and western Ukraine; so far, companies in the Russian-Ukrainian war zone have been affected. In addition, Kaspersky experts were able to link the initially unknown actor to previous APT campaigns such as Operation BugDrop and Operation Groundbait (Prikormka). Back in March of this year, Kaspersky reported on a new APT campaign in the Russian-Ukrainian war zone called CommonMagic, which will use PowerMagic and CommonMagic implants...