An ongoing cyber espionage campaign targeting Kazakhstan has been attributed to Russia-associated threat actors. The group, identified as UAC-0063, has activity that overlaps with APT28, a group associated with the General Staff Main Intelligence Directorate of Russia. The campaign uses legitimate Microsoft Office documents from Kazakhstan’s Ministry of Foreign Affairs as lures for the Double-Tap infection chain, which uses the HATVIBE malware. The attacks have potentially sought intelligence from a number of sectors in Central Asia, East Asia, and Europe.
FBI forces Chinese malware to delete itself from thousands of US computers
The FBI successfully removed Chinese malware from 4,258 US computers by remotely activating the malware’s “self-delete” function. This malware was developed by Mustang Panda, a