Russian government agencies and industrial entities

Russian government agencies and industrial entities

The Awaken Likho APT group, also known as Core Werewolf and PseudoGamaredon, launched a targeted campaign using a new implant to infiltrate Russian government entities and enterprises. This campaign utilized phishing emails with malicious URLs to distribute the MeshAgent tool, enabling remote system control. An SFX archive concealed the attack by displaying a decoy document while setting up the MeshAgent to maintain a persistent connection with the attackers' server. This allowed for continuous remote access, compromising the integrity of the targeted systems. The attack underscores the evolving threat tactics and sophistication of the APT group.

Source: https://securityaffairs.com/169563/apt/awaken-likho-apt-group-target-russia.html

"id": "def000101524",
"linkid": "defense-security-cooperation-agency",
"type": "Cyber Attack",
"date": "10/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.