ESET destroys a group of cybercriminals


ESET Research has published its analysis of Asylum Ambuscade, a cybercriminal group that has been running parallel operations since at least 2020 in various regions of North America and Europe, targeting individuals, SMEs, bank customers and cryptocurrency traders. ESET also found that government officials and employees of state-owned companies in Central Asian countries and Armenia had previously been targeted. ESET Research assesses that the attackers' goal was to steal confidential information and webmail credentials from the official government mail portals of these countries bordering Ukraine.

“It appears that Asylum Ambuscade has been conducting some cyber espionage operations against governments in Central Asia and Europe from time to time. It is quite unusual to find a cybercriminal group conducting cyber espionage operations, so we believe investigators should keep a close eye on its activities,” explains Matthieu Faou, one of the ESET researchers responsible for analyzing the group's activities.


In 2022, when the group attacked government officials in several European countries bordering Ukraine, the chain of compromise began with a spear-phishing email carrying a malicious Excel spreadsheet or Word document as an attachment. If the attacked device was deemed interesting, the cybercriminals ended up deploying AHKBOT, a downloader that can be extended with plugins to spy on a victim's machine. These plugins provide various capabilities, including taking screenshots, recording keystrokes, stealing passwords from web browsers, downloading files, information stealing, and more.

Although the group has drawn attention for its cyber-espionage operations, it has primarily been conducting cybercrime operations since the early 2020s. Since January 2022, ESET Research has counted more than 4,500 victims worldwide. Although most of them are in North America, victims have also been detected in Asia, Africa, Europe and South America. The targeting is very broad and mainly includes individuals, cryptocurrency traders, bank customers and SMEs from various sectors.
