Attacks with the Smokeloader malware targeted at Ukrainian government and financial organizations, particularly accounting departments, have been on the rise since May, reports The Record, a news site by cybersecurity firm Recorded Future.
Numerous industrial and government entities across Russia have been subjected to cyberattacks with an information-stealing backdoor since June, with the still-unknown threat actors deploying an updated version of the malware in mid-August, according to BleepingComputer.
A new DLL side-loading technique has been leveraged by the Quasar RAT backdoor, also known as CinaRAT or Yggdrasil, to further obscure malicious data exfiltration activities against Windows devices, The Hacker News reports.
Attacks with the new ExelaStealer information-stealing malware have been directed against Windows systems in a bid to exfiltrate various data, including passwords, credit cards, keystrokes, cookies, Discord tokens, clipboard content, and screenshots, according to The Hacker News.
Governments across the Asia-Pacific had their systems compromised by the new TetrisPhantom advanced persistent threat operation in attacks leveraging secure USB drives infected with a trojanized UTetris app over the last few years.