A Dive into Earth Baku’s Latest Campaign

9 August 2024

Earth Baku, an advanced persistent threat (APT) actor that we previously wrote about in 2021, has expanded its activities to Europe, the Middle East, and Africa (MEA) beginning late 2022. The group has updated its tools, tactics, and procedures (TTPs) in more recent campaigns, making use of public-facing applications such as IIS servers as entry points for attacks, after which they deploy sophisticated malware toolsets on the victim’s environment, including the loaders StealthVector and StealthReacher, and the modular backdoor SneakCross.

Source: Trend Micro

Date:

9 August 2024

Categorie(s):

NEWS

Tag(s):

Campaigns, Dive, Earth, IT, News

Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024
DocuSign’s API used to lure victims into e-signing fake invoices5 November 2024
Schneider Electric ransomware crew demands $125k paid in baguettes5 November 2024
How to Become a Chief Information Officer: CIO Cheat Sheet5 November 2024
Research: Extending corporate life of laptops by just one year can reduce harmful emissions by 25%5 November 2024