The Russian government agencies and industrial entities were targeted by the APT group Awaken Likho, resulting in the deployment of a new implant delivered via phishing for remote system control. The attackers established persistent access through scheduled tasks and utilized the MeshCentral platform, suggesting potential access to sensitive state-operated infrastructure, with risks of espionage, data exfiltration, or operational disruption. The extent of the damage and loss, including whether confidential information was compromised, is not specified. Continuing attacks by the group indicate an ongoing threat to these entities.
Source: https://securityaffairs.com/169563/apt/awaken-likho-apt-group-target-russia.html
"id": "bur001102424",
"linkid": "bureau-of-industry-and-security-u-s-department-of-commerce",
"type": "Breach",
"date": "10/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"