The BI.ZONE Threat Intelligence team has identified at least a dozen campaigns linked to Scaly Wolf.
The impact spreads across organizations from various industries in Russia, including manufacturing and logistics. One of the group’s characteristics in gaining initial access is their phishing emails designed to look like legitimate correspondence from Russian public authorities. Its phishing arsenal includes regulatory requirements and inquiries from Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media), the Investigative Committee, and the Military Prosecutor’s Office, court orders, and other regulatory prescriptions. In rare cases, attackers disguise the letters as sales proposals.
Read more…
Source: BI.ZONE