Nikita Nazarov
Team Lead Threat Intelligence Group
Publications
Reports
Focus on DroxiDat/SystemBC
An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.
APT trends report Q2 2023
This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.
Operation Triangulation: iOS devices targeted with previously unknown malware
While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.
Meet the GoldenJackal APT group. Don’t expect any howls
GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.
Subscribe to our weekly e-mails
The hottest research right in your inbox
