Remove 2000 Remove DNS Remove Telecommunications
article thumbnail

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

article thumbnail

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware 106
article thumbnail

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The researchers observed C2 infrastructure relying on dynamic DNS domains masquerading as Ukrainian telecommunication service providers.