Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations


C.A.S (Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group’s attacks exploit vulnerabilities in publicly available services and make extensive use of free tools.

Kaspersky latest investigation unearthed new activity by the group, explored the attack stages, and analyzed the tools and malware used. In addition, we discovered links between C.A.S and other hacktivist groups, such as the Ukrainian Cyber Alliance and DARKSTAR. Like most hacktivist groups, C.A.S uses Telegram as a platform to spread information about victims. We found a channel that posts news and messages about the group’s attacks and ideology, as well as a chat hosting a discussion of its activities.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware

    July 16, 2021

    A set of unique spyware strains created by an Israeli firm and allegedly used by governments around the world to surveil dissidents has been defanged by Microsoft, the software giant said. The private company, called variously Candiru, Grindavik, Saito Tech and Taveta (and dubbed “Sourgum” by Microsoft), reportedly sells its wares exclusively to governments, according to ...

  • Toddler mobile banking malware surges across Europe

    July 16, 2021

    Researchers have provided a deep dive into Toddler, a new Android banking Trojan that is surging across Europe. In a report shared with ZDNet, the PRODAFT Threat Intelligence (PTI) team said that the malware, also known as TeaBot/Anatsa, is part of a rising trend of mobile banking malware attacking countries, including Spain, Germany, Switzerland, and the ...

  • DDoS attack registered on Russian Defense Ministry website

    July 16, 2021

    The official website of the Russian Defense Ministry is down due to a DDoS attack, a source in the law enforcement informed TASS on Friday. “Specialists from the defense ministry are repelling a DDoS attack on the official website of the Defense Ministry,” the source said. Read more… Source: TASS  

  • Cyberattack on Moldova’s Court of Accounts destroyed public audits

    July 16, 2021

    Moldova’s “Court of Accounts” has suffered a cyberattack leading to the agency’s public databases and audits being destroyed. Court of Accounts of Moldova is a government authority that performs audits of public financial resources and government agencies to comply with international standards. Read more… Source: Bleeping Computer  

  • Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers

    July 16, 2021

    For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red. On Wednesday, MalwareHunterTeam disclosed its discovery of numerous Linux ELF-64 versions of the HelloKitty ransomware targeting VMware ESXi servers and virtual machines (VMs) running on them. Read more… Source: ...

  • US State Department offering $10 million reward for state-backed hackers

    July 15, 2021

    The State Department announced a $10 million reward for any information about hackers working for foreign governments. The measure is aimed squarely at those participating in “malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act.” Officials said in a release that this included ransomware attacks targeting “critical infrastructure.” Read more… Source: ...