C.A.S (Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group’s attacks exploit vulnerabilities in publicly available services and make extensive use of free tools.
Kaspersky latest investigation unearthed new activity by the group, explored the attack stages, and analyzed the tools and malware used. In addition, we discovered links between C.A.S and other hacktivist groups, such as the Ukrainian Cyber Alliance and DARKSTAR. Like most hacktivist groups, C.A.S uses Telegram as a platform to spread information about victims. We found a channel that posts news and messages about the group’s attacks and ideology, as well as a chat hosting a discussion of its activities.
Read more…
Source: Kaspersky
Related:
- Twitch source code, business data, gamer payouts leaked in massive hack
October 6, 2021
An unknown hacker has leaked the entirety of Twitch’s source code among a 128 GB trove of data released this week. The hack, first reported by Video Games Chronicle and confirmed by multiple sources, includes: The entirety of twitch.tv, with commit history going back to its early beginnings Mobile, desktop and console Twitch clients Creator payout reports from 2019 Proprietary ...
- New UEFI bootkit used to backdoor Windows devices since 2012
October 5, 2021
A newly discovered and previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit has been used by attackers to backdoor Windows systems by hijacking the Windows Boot Manager since 2012. Bootkits are malicious code planted in the firmware (sometimes targeting UEFI) invisible to security software that runs within the operating system since the malware is designed to ...
- Apache Web Server Zero-Day Exposes Sensitive Data
October 5, 2021
Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server, which was first reported to the project last week. The vulnerability is under active exploitation in the wild, it said, and could allow attackers to access sensitive information. According to a security advisory issued on Monday, the issue (CVE-2021-41773) ...
- Hong Kong firm becomes latest marketing company hit with REvil ransomware
October 5, 2021
Hong Kong marketing firm Fimmick has been hit with a ransomware attack, according to a British cybersecurity firm monitoring the situation. Fimmick has offices in Hong Kong and across China, serving several high-profile clients like McDonalds, Coca-Cola, Shell, Asus and others. Their website is currently down and there was no response to ZDNet requests for comment. Matt ...
- IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft
October 5, 2021
Three vulnerabilities in the IP video-surveillance systems created by Axis Communications could allow arbitrary code execution, among other attacks. That’s according to Nozomi Networks Labs, whose researchers examined the company’s Axis Companion Recorder, a compact network video recorder (NVR) that stores IP surveillance video coming from attached cameras (it can support up to eight at one ...
- BlackBerry ties malware campaign targeting victims in India to Chinese cyberespionage group
October 5, 2021
The BlackBerry Research & Intelligence team released a new report on Tuesday linking disparate malware campaigns to Chinese cyberespionage group APT41, noting that the group has been taking advantage of Cobalt Strike activity using a bespoke Malleable C2 Profile that uses COVID-19 phishing lures to target victims in India. The team was able to link phishing ...

