An ongoing cyber espionage campaign targeting Kazakhstan has been attributed to Russia-associated threat actors. Identified as UAC-0063, the group has overlapped activities with APT28, a group associated with the General Staff Main Intelligence Directorate of Russia. The campaign employs legitimate Microsoft Office documents from Kazakhstan’s Ministry of Foreign Affairs as traps for the Double-Tap infection chain, which uses the HATVIBE malware. The attacks have potentially sought intelligence from a number of sectors in Central Asia, East Asia, and Europe.
North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to
