APT reports

Icefog OpenIOC Release

Yesterday we published our research on Icefog, a sophisticated cyber-espionage operation. You can read more about it here. We also have a detailed FAQ and in-depth report.

We’re sharing Indicators of Compromise based on the OpenIOC framework for Icefog. This way organizations have an alternative way of checking their network for presence of (active) Icefog infections.

You can download the ZIPed IOC file here.

Kaspersky products detect all malicious files associated with Icefog.

Icefog OpenIOC Release

Your email address will not be published. Required fields are marked *

 

Reports

MoonBounce: the dark side of UEFI firmware

At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.

Subscribe to our weekly e-mails

The hottest research right in your inbox