Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks

A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent…

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

Dec 14, 2023 | Newsroom | Malware / Cyber Espionage

The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and…

LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

Nov 20, 2023 | Newsroom | Malware / Cyber Attack

The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to…

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

Nov 18, 2023 | Newsroom | Cyber Attack / USB Worm

Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon’s (aka…