Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations


C.A.S (Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group’s attacks exploit vulnerabilities in publicly available services and make extensive use of free tools.

Kaspersky latest investigation unearthed new activity by the group, explored the attack stages, and analyzed the tools and malware used. In addition, we discovered links between C.A.S and other hacktivist groups, such as the Ukrainian Cyber Alliance and DARKSTAR. Like most hacktivist groups, C.A.S uses Telegram as a platform to spread information about victims. We found a channel that posts news and messages about the group’s attacks and ideology, as well as a chat hosting a discussion of its activities.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • US-CERT study predicts machine learning, transport systems to become security risks

    October 19, 2017

    The Carnegie-Mellon University’s Software Engineering Institute has nominated transport systems, machine learning, and smart robots as needing better cyber-security risk and threat analysis. That advice comes in the institute’s third Emerging Technology Domains Risk Survey, a project it has handled for the US Department of Homeland Security’s US-CERT since 2015. The surveys are cumulative, meaning any ...

  • Newly Discovered Iranian APT Group Brings State-sponsored Cyber Espionage into Focus

    October 17, 2017

    State-sponsored cyber espionage has been rising steadily in recent years. Whether it’s high-profile attacks such as North Korea’s hack of Sony in 2014, China’s alleged hack of the US’s Office of Personnel Management in 2015, or Russia’s alleged hack of the Democratic National Committee in 2016, the stories are mounting. Iran has also been in the cyber espionage news, with major ...

  • Spy vs spy vs hacker vs… who is THAT? Everyone’s hacking each other

    October 5, 2017

    VB2017 Intel agencies and top-tier hackers are actively hacking other hackers in order to steal victim data, borrow tools and techniques, and reuse each other’s infrastructure, attendees at Virus Bulletin Con, Madrid, were told yesterday. The increasing amount of spy-vs-spy type activity is making accurate threat intel increasingly difficult for security researchers, according to Kaspersky Lab. Threat intelligence ...

  • Microsoft Programming Error is Behind Dangerous Kernel Bug, Researchers Claim

    September 7, 2017

    Researchers claim a programming error in the Microsoft Windows kernel cracks the door open for malicious executables to bypass security software. The flaw, according to security firm EnSilo, has been present on previous versions of Windows dating back to Windows 2000 and can be found on Windows 10 as well. “The bug is a programming error ...

  • Attack Uses Docker Containers To Hide, Persist, Plant Malware

    July 27, 2017

    A novel attack vector allows for adversaries to abuse the Docker API to hide malware on targeted systems, and even execute remote code. The proof of concept attack was developed by researchers at Aqua Security, and the technique was first demonstrated today at Black Hat by Sagie Dulce, senior security researcher, with Aqua Security. The attack works ...

  • Critical RCE Vulnerability Found in Cisco WebEx Extensions, Again — Patch Now!

    July 17, 2017

    A highly critical vulnerability has been discovered in the Cisco Systems’ WebEx browser extension for Chrome and Firefox, for the second time in this year, which could allow attackers to remotely execute malicious code on a victim’s computer. Cisco WebEx is a popular communication tool for online events, including meetings, webinars and video conferences that help ...