Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

CISCO’s critical vulnerability in uniform grants on root access to static credentials

July 3, 2025

North Korean Hackers Target Web3 with malicious NIM software and use Clickfix in Babyshark

July 2, 2025

Hackers using PDFs to get yourself for Microsoft, Docusign and more in phishing campaigns return call

July 2, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Space pirates aimed at Russian IT
Global Security

Space pirates aimed at Russian IT

AdminBy AdminFebruary 27, 2025No Comments3 Mins Read
LuckyStrike Agent Malware
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


February 27, 2025Red LakshmananMalicious software / network safety

Malicious Luckstrike software

The actor of the threat, known as space pirates, was associated with a malicious company aimed at Russian information technology (IT) with previously unregistered malware programs called Luckystrike Agent.

The activity was discovered in November 2024 by the solar, cybersecurity of the Russian state telecommunications company Rostelecom. This is the tracking activity under the name of Erudite Mogwai.

The attacks are also characterized by the use of other tools such as Act Ratalso called Shadowpad Light and an individual version Associate utility call Stowawaypreviously used by other China groups.

Cybersecurity

“Erudite Mogwai is one of the active apt groups specializing in the theft of sensitive information and espionage,” solar researchers – Note. “At least 2017 the group attacks state institutions, IT departments of various organizations, as well as enterprises related to high-tech industries such as aerospace and electricity.”

The actor of the threat was the first Publicly documented According to positive technologies in 2022, in detail about its exclusive use of malicious software for rats. The group is assumed that the group divides tactical overlapping of a group called Webworm. It is known that it focuses on organizing in Russia, Georgia and Mongolia.

In one of the attacks aimed at the government sector client, Solar said he had found that the attacker deployed various tools to facilitate the intelligence, as well as giving up Luckstrike agent, a multifunction.

“The attackers gained access to the infrastructure by compromising a public web service not later than March 2023, and then began to look for” fruits “in the infrastructure,” said Solar. “For 19 months, the attackers slowly spread to the client systems until the network segments connected to the monitoring in November 2024 were reached.”

Cybersecurity

Also paying attention to the use of the modified version of Stowaway to preserve only its proxy, as well as the use of LZ4 as a compression algorithm, incorporating XXTEA as an encryption algorithm and add support to support for support for Whatever Transport protocol.

“Erudite Mogwai began its journey to change this usefulness, reducing the functionality they do not need,” Solar said. “They continued with minor edits such as renaming functions and changing the size of the structures (perhaps to knock down the existing detection signatures). At the moment, the Stowaway version used by this group can be called a full fork.”

Found this article interesting? Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

CISCO’s critical vulnerability in uniform grants on root access to static credentials

July 3, 2025

North Korean Hackers Target Web3 with malicious NIM software and use Clickfix in Babyshark

July 2, 2025

Hackers using PDFs to get yourself for Microsoft, Docusign and more in phishing campaigns return call

July 2, 2025

This network traffic looks legal but it can hide a serious threat

July 2, 2025

US Sanctions of Russia

July 2, 2025

V0 AI Vercel tool, armed with cybercrime for quick creation pages to enter scale

July 2, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

CISCO’s critical vulnerability in uniform grants on root access to static credentials

July 3, 2025

North Korean Hackers Target Web3 with malicious NIM software and use Clickfix in Babyshark

July 2, 2025

Hackers using PDFs to get yourself for Microsoft, Docusign and more in phishing campaigns return call

July 2, 2025

This network traffic looks legal but it can hide a serious threat

July 2, 2025

US Sanctions of Russia

July 2, 2025

V0 AI Vercel tool, armed with cybercrime for quick creation pages to enter scale

July 2, 2025

Critical vulnerability in Anthropic MCP exposes machines for remote feats

July 1, 2025

Ta829 and Unk_greensec share tactics and infrastructure in current malware

July 1, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

CISCO’s critical vulnerability in uniform grants on root access to static credentials

July 3, 2025

North Korean Hackers Target Web3 with malicious NIM software and use Clickfix in Babyshark

July 2, 2025

Hackers using PDFs to get yourself for Microsoft, Docusign and more in phishing campaigns return call

July 2, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.