Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations


C.A.S (Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group’s attacks exploit vulnerabilities in publicly available services and make extensive use of free tools.

Kaspersky latest investigation unearthed new activity by the group, explored the attack stages, and analyzed the tools and malware used. In addition, we discovered links between C.A.S and other hacktivist groups, such as the Ukrainian Cyber Alliance and DARKSTAR. Like most hacktivist groups, C.A.S uses Telegram as a platform to spread information about victims. We found a channel that posts news and messages about the group’s attacks and ideology, as well as a chat hosting a discussion of its activities.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Microsoft Exchange servers now targeted by Black Kingdom ransomware

    March 22, 2021

    Another ransomware operation known as ‘Black Kingdom’ is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ransomware. Based on the logs from his honeypots, Hutchins states that the threat actor ...

  • China takes aim at ‘spying’ Tesla cars, bans military staff use

    March 22, 2021

    Elon Musk has said Tesla would be “shut down” if accusations that the firm’s cars could be used for spying purposes were true. Last week, the Wall Street Journal reported that the Chinese government has restricted the use of Tesla vehicles in military and key, state-owned company settings. Military and government staff are reportedly not permitted to ...

  • Hacking group used 11 zero-days to attack Windows, iOS, Android users

    March 20, 2021

    Project Zero, Google’s zero-day bug-hunting team, discovered a group of hackers that used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year. The Project Zero team revealed that the hacking group behind these attacks ran two separate campaigns, in February and October 2020. This month’s report showcases the use of seven zero-days ...

  • Computer giant Acer hit by $50 million ransomware attack

    March 19, 2021

    Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019. Yesterday, the ransomware gang announced on their data ...

  • NHS boss’s Twitter accounts hacked by PS5 scammers

    March 19, 2021

    NHS executive Helen Bevan had her two Twitter accounts, with nearly 140,000 followers, stolen by hackers and used to promote fake PlayStation 5 sales. She now has the accounts back but has received dozens of messages from people who fell for the scam. Ms Bevan also paid money to someone who said they could help – but ...

  • SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests

    March 18, 2021

    Cyberattackers involved in worldwide hacking campaigns are using the compromised systems of high-profile victims as playgrounds to test out malicious tool detection rates. On Thursday, Swiss cybersecurity firm Prodaft said that SilverFish (.PDF), an “extremely skilled” threat group, has been responsible for intrusions at over 4,720 private and government organizations including “Fortune 500 companies, ministries, airlines, ...