Breaking News

U.S. government cybersecurity experts warned that “sophisticated threat actors” have been using new Russian malware variants, ComRAT and Zebrocy, in recent cyberattacks.

According to new malware analysis reports, Russian advanced persistent threat (APT) actors from Turla have developed new malware variant ComRAT.

In addition, Russian-linked APT28 hacking group has been behind attacks using Zebrocy malware.

Phishing attacks against universities worldwide attributed to the Silent Librarian APT group.
New phishing document targeting staff at the University of British Columbia (UBC) with a fake COVID-19 survey.

However, this attack and motives are different than the ones previously documented.
The survey is a malicious Word document whose purpose is to download ransomware and extort victims to recover their encrypted files.

New file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems.

Similarities in the code of the Trojan were found, the text of the ransom notes and the general approach to extortion, which suggested that this is in fact a Linux build of the previously known ransomware family RansomEXX.
This malware is notorious for attacking large organizations and was most active earlier this year.