In 2023, Positive Technologies Computer Security Incident Response Team (PT CSIRT) discovered that a certain power company was compromised by the Decoy Dog trojan.
According to the PT CSIRT investigation, Decoy Dog has been actively used in cyberattacks on Russian companies and government organizations since at least September 2022. This trojan was previously discussed by NCIRCC, Infoblox, CyberSquatting, and Solar 4RAYS. However, the sample positive Technologies found on the victim’s host was a new modification of the trojan, which the adversaries altered in such a way as to make it harder to detect and analyze. As far as the researchers can tell, the APT group Hellhounds that uses Decoy Dog only targets organizations located in Russia.
Read more…
Source: Positive Technologies