top of page
Search

Operation(loyalty) mercenary: a torrent of steel trapped in the plains of Eastern Europe

Qi Anxin Threat Intelligence Center has been keeping a high-intensity track on Russian-speaking threat actors and active underground forums. Recently, we observed that the world-famous Conti Group used Exchange vulnerabilities to target venture capital companies, luxury goods companies, and chip manufacturing companies in the past six months. , foreign companies and joint ventures in the manufacturing industry launched targeted attacks, these attacked companies have a common feature: "rich".




ADVERSARY: Conti


MALWARE FAMILIES: Conti, HackTool:Win64/CobaltStrike


ATT&CK IDS: T1471 - Data Encrypted for Impact, T1059.001 - PowerShell, T1003 - OS Credential Dumping


Read More:

1 view

Kommentare


Die Kommentarfunktion wurde abgeschaltet.
bottom of page