Operation(loyalty) mercenary: a torrent of steel trapped in the plains of Eastern Europe

Qi Anxin Threat Intelligence Center has been closely tracking Russian-speaking threat actors and active underground forums. Recently, we observed that over the past six months the world-famous Conti Group has used Exchange vulnerabilities to launch targeted attacks against venture capital companies, luxury goods companies, chip manufacturing companies, and foreign companies and joint ventures in the manufacturing industry. These attacked companies have a common feature: "rich".


MALWARE FAMILIES: Conti, HackTool:Win64/CobaltStrike

ATT&CK IDS: T1471 - Data Encrypted for Impact, T1059.001 - PowerShell, T1003 - OS Credential Dumping
