Since late 2023, BI.ZONE Threat Intelligence experts have been tracking the activity of Bloody Wolf. The cluster attacks organizations in Kazakhstan with STRRAT, a commercial malware also known as Strigoi Master.
The attackers send out phishing emails on behalf of the Ministry of Finance of the Republic of Kazakhstan and other agencies. The emails have PDF attachments with download links for the malware and for a Java interpreter installation guide (the program supports malware operation).
Read more…
Source: BI.ZONE
Related:
- Calypso APT Emerges from the Shadows to Target Governments
October 31, 2019
A newly discovered APT group, dubbed Calypso after a custom malware RAT that it uses, has been targeting state institutions in six different countries since 2016. Government organizations in India (34 percent), Brazil and Kazakhstan (18 percent respectively), Russia and Thailand (12 percent respectively) and Turkey (6 percent) have all been successfully infiltrated at some point, ...
- Firefox And Chrome Fight Back Against Kazakhstan’s Spying
August 21, 2019
Against the backdrop of China, Russia, and Iran working to sequester their own private, national internets, other countries like Kazakhstan have experimented with similar balkanization and internet-control initiatives. Kazakhstan first piloted a monitoring system in 2015 that would offer access to all web traffic within the country, even encrypted data. After fierce debate and some legal hurdles over the ...