The Chinese-speaking hacker group IronHusky has been deploying updated versions of the MysterySnail remote access trojan (RAT) malware against Russian and Mongolian government organizations. The malware, found during an investigation into recent cyberattacks, creates a backdoor into targeted systems, downloads payloads and executes commands. The group has also created a new, lighter form of the RAT known as MysteryMonoSnail. The IronHusky group has been tracked since 2017 and is known for collecting sensitive intelligence, and exploiting various vulnerabilities.
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
Russian state-affiliated hacking group APT29 has launched a phishing campaign targeting diplomatic offices across Europe. The campaign uses a new version of WINELOADER malware and
