Cloud Werewolf attacks government officials in Russia and Belarus [Monday, April 01, 2024]

Description :
A cyberthreat group, identified as Cloud Werewolf, is conducting phishing campaigns targeting government employees in Russia and Belarus. The adversaries employ crafted emails mimicking legitimate documents, such as medical vouchers and federal orders, to lure victims into downloading malicious payloads. These payloads are hosted on remote servers, and their distribution is limited, allowing the threat actors to evade cybersecurity defenses within the targeted organizations.

Published : 2024-04-01 19:51:01
Created : 2024-04-01 19:51:01
Modified : 2024-04-01 20:06:58

Indicators

Hashes :
  • 9d98bd1f1cf6442a21b6983c5c91c0c14cd98ed9029f224bdbc8fdf87c003a4b
  • b4c0902a9fb29993bc7573d6e84547d0393c07e011f7b633f6ea3a67b96c6577
  • 5af1214fc0ca056e266b2d093099a3562741122f32303d3be7105ce0c2183821
Intrusion set :
  • Cloud Werewolf
Location :
  • Belarus
  • Russian Federation
Other observables :
  • Government

About the author
Julien B.

Securitricks