Threat Group Assessment: Muddled Libra


Palo Alto researchers have added an additional section to this article that describes the evolution of Muddled Libra activity since the beginning for 2024. This group is a dynamic one, and as members cycle in and out of the group, its knowledgebase and skill set naturally shift. Its toolbox has now expanded to include:

  • Social engineering of both end users and helpdesks
  • Traditional phishing
  • Inside access to business process outsourcers
  • Ransomware affiliations for extortion

Read more…
Source: Palo Alto Unit 42


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques

    January 17, 2022

    Since mid-2021, Trend Micro researchers have been investigating a rather elusive threat actor called Earth Lusca that targets organizations globally via a campaign that uses traditional social engineering techniques such as spear phishing and watering holes. The group’s primary motivation seems to be cyberespionage: the list of its victims includes high value targets such as ...

  • Cyber espionage campaign targets renewable energy companies

    January 17, 2022

    A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust group member, who employed OSINT (open-source intelligence) techniques like DNS scans and public sandbox submissions. Thomas’ analysis ...

  • Technology developed to track spread of coronavirus could be abused, privacy campaigner warns

    January 16, 2022

    A medical privacy campaigner says technology developed to track the spread of COVID-19 is a new form of surveillance that could be abused. Phil Booth, coordinator at MedConfidential, warned that increased monitoring of wastewater from sinks, drains and toilets, which can reveal infections and drug use, needs to be properly regulated. “The concerns will be raised more ...

  • Cybersecurity for Industrial Control Systems: Part 1

    January 15, 2022

    The ever-changing technological landscape has made it possible for the business process on the IT side of an enterprise to be interconnected with the physical process on the OT side. While this advancement has improved visibility, speed, and efficiency, it has exposed industrial control systems (ICSs) to threats affecting IT networks for years. Our expert team ...

  • Destructive malware targeting Ukrainian organizations

    January 15, 2022

    Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use the information in this post to ...

  • Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

    January 14, 2022

    Cisco UCCE is an on-premises customer-service platform capable of supporting up to 24,000 customer-service agents using channels that include inbound voice, outbound voice, outbound interactive voice response (IVR) and digital channels. It also offers a feedback loop via post-call IVR, email and web intercept surveys; and various reporting options to gather information on agent performance ...