Attacks with a Conti ransomware code-based backdoor have been deployed by the new Muliaka ransomware operation against businesses across Russia since at least December, according to The Record, a news site by cybersecurity firm Recorded Future. Windows systems and VMware ESXi infrastructure of one Russian company had been compromised with the malware after Muliaka had infiltrated its VPN network through phishing emails distributing a fraudulent version of the firm’s antivirus system, a report from Russian Group-IB spinoff F.A.C.C.T.

Source: SC Magazine