ReaQta Threat Intelligence Team identified the malware used in an exfiltration operation against the defence contractor Leonardo S.p.A. The analysis of the malware, which we dubbed Fujinama, highlights its capabilities for data theft and exfiltration while maintaining a reasonably low-profile.
Introduction AVE_MARIA, a malware used in phishing campaigns and so far identified only as an info-stealer, appears to be more complex and insidious, offering a wide range of capabilities, from privilege escalation to camera exfiltration, RDP connections, email extraction and more. For the past few months we have been monitoring various phishing campaign delivering AVE_MARIA […]
MuddyWater is a threat actor that caught our attention for their extensive use of “Living off the Land” attacks in a targeted campaign aimed at the Middle East. During our investigation we reconstruct the evolution of the vectors used and how the group operates to target their victims, evade detections and move laterally inside the compromised […]