Zebrocy heavily used by the Sednit group over last two years

The Sednit group – also known as APT28, Fancy Bear, Sofacy or STRONTIUM – is a group of attackers operating since 2004, if not earlier, and whose main objective is to steal confidential information from specific targets.

Toward the end of 2015, we started seeing a new component being deployed by the group: a downloader for the main Sednit backdoor, Xagent. Kaspersky mentioned this component for the first time in 2017 in their APT trend report and recently wrote an article where they quickly described it under the name Zebrocy.

This new component is a family of malware, comprising downloaders and backdoors written in Delphi and AutoIt. These components play the same role in the Sednit ecosystem as Seduploader - that of first-stage malware.

Victims we have seen targeted by Zebrocy are located in Azerbaijan, Bosnia and Herzegovina, Egypt, Georgia, Iran, Kazakhstan, Korea, Kyrgyzstan, Russia, Saudi Arabia, Serbia, Switzerland, Tajikistan, Turkey, Turkmenistan, Ukraine, Uruguay and Zimbabwe. These targets include embassies, ministries of foreign affairs, and diplomats.