Tag: grewapacha

2 Attack Reports | 0 Vulnerabilities

Attack reports

Striking Panda Attacks: APT31 Today

APT31, a Chinese cyber espionage group, has been actively targeting the Russian IT sector from 2024 to 2025, particularly companies working as contractors for government agencies. The group uses sophisticated tactics to remain undetected, including leveraging cloud services as command and control i…
malware
cyber espionage
chinese
data exfiltration
cloudsorcerer
grewapacha
cloud services
2025-11-27
localplugx
coffproxy
vtchatter
it sector
onedrivedoor
cloudyloader
auftime
government contractors
yaleak
Published: November 27, 2025
Downloadable IOCs: 11

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Kaspersky detected an ongoing targeted cyberattack campaign, dubbed EastWind, targeting Russian government organizations and IT companies. The attackers employed phishing emails with malicious shortcuts to deliver malware that communicated via Dropbox. They utilized tools associated with APT31 and …
rat
phishing
spyware
dll sideloading
cloudsorcerer
2024-08-14
plugy
grewapacha
Published: August 14, 2024
Downloadable IOCs: 5
Click here to see more Attack Reports