Chamelgang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware

June 26, 2024, 5:55 p.m.

Description

In collaboration with Recorded Future, SentinelLabs has been tracking two distinct activity clusters targeting government and critical infrastructure sectors globally between 2021 and 2023.

Date

Published: June 26, 2024, 5:32 p.m.

Created: June 26, 2024, 5:32 p.m.

Modified: June 26, 2024, 5:55 p.m.

Indicators

cf2b73f77761f4441f9c31512d58709f5d9d59eef6514857a5e37b8c4e956c3a

8679c9e96394c39fa5eeb277a7e28313ef502be5d8401c43fa9955820962add0

806761850d19f0cc9f41618e74db471e85c494e952f900f827c1779f2d1c4d31

7604e9ecedf298907e537e50b9c74006640561b32265c3ebba38e587166f67ab

49292dd838429bcf4aaf77ff6960156edaf1ec094ee4e6b9863c5d5fc9d32279

9990388776daa57d2b06488f9e2209e35ef738fd0be1253be4c22a3ab7c3e1e2

bc1qakuel0s4nyge9rxjylsqdxnn9nvyhc2z6k27gz

185.225.19.61

Attack Patterns

ChamelGang

T1022

T1574.001

T1112

Additional Informations

Government

Critical Infrastructure