Incidents

29A member convicted in Russia

In Russia, a virus writer known as Whale has been found guilty. His real name is Evgenii Suchkov, and we know that he belonged to 29A, the notorious virus writing group. We think he may also be a member of HangUp Team, a similar Russian group.

Suchkov’s trial was on 22nd October this year in Izhevsk, Russia. He admitted that he was guilty of writing two complex viruses: Stepar and Gastropod. He created these viruses and put the source code and exe files on some virus writing sites, including the 29A website.

He was only fined 3,000 roubles or $100 and now has a criminal record. This isn’t much – but the court didn’t have any evidence to prove that the viruses had caused any material loss. But now Russian virus writers know that they are not always going to be able to hide from the law. And the world knows that Russia is doing something about virus writing.
