C.A.S (Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group’s attacks exploit vulnerabilities in publicly available services and make extensive use of free tools.
Kaspersky latest investigation unearthed new activity by the group, explored the attack stages, and analyzed the tools and malware used. In addition, we discovered links between C.A.S and other hacktivist groups, such as the Ukrainian Cyber Alliance and DARKSTAR. Like most hacktivist groups, C.A.S uses Telegram as a platform to spread information about victims. We found a channel that posts news and messages about the group’s attacks and ideology, as well as a chat hosting a discussion of its activities.
Read more…
Source: Kaspersky
Related:
- Malicious Attachments Remain a Cybercriminal Threat Vector Favorite
August 27, 2020
While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it’s a purported “job offer” or a pretend “critical invoice.” The reason why threat actors are still relying on this age-old tactic, researchers say, is that the attack is ...
- Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads
August 27, 2020
Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy of new techniques, according to researchers at Check Point who released ...
- SunCrypt Ransomware sheds light on the Maze ransomware cartel
August 26, 2020
A ransomware named SunCrypt has joined the ‘Maze cartel,’ and with their membership, we get insight into how these groups are working together. In June, we broke the story that the Maze threat actors created a cartel of ransomware operations to share information and techniques to help each other extort their victims. When first started, this cartel ...
- US government warns of North Korean hackers targeting banks worldwide
August 26, 2020
North Korean hackers tracked as BeagleBoyz have been using malicious remote access tools as part of ongoing attacks to steal millions from international banks according to a joint advisory issued today by several U.S. Government agencies. The joint release says that North Korea’s BeagleBoyz hacking group has once again started robbing banks through remote internet access ...
- New Zealand stock exchange halted trading after DDoS attacks
August 26, 2020
New Zealand’s stock exchange (NZX) has been impacted by distributed denial-of-service (DDoS) attacks during the last two days, forcing it to shut down trading until the connectivity issues were resolved. NZX operates New Zealand’s capital, risk, and commodity markets, and it supplies market information including real-time stock quotes, market data and news. The stock market announced around ...
- Transparent Tribe: Evolution analysis, part 2
August 26, 2020
Transparent Tribe, also known as PROJECTM or MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. In the last four years, this APT group has never taken time off. They continue to hit their targets, which typically are Indian military and government personnel. This is the second of ...

