Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.
VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.
Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.
Kaspersky ICS CERT experts detected a wave of targeted attacks in several East European countries, as well as Afghanistan. Of the six backdoors identified on infected systems, five have been used earlier in attacks attributed to APT TA428.
This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.