In August 2018, Sednit’s operators deployed two new Zebrocy components, and since then we have seen an uptick in Zebrocy deployments, with targets in Central Asia, as well as countries in Central and Eastern Europe, notably embassies, ministries of foreign affairs, and diplomats.
Search results for: "sednit"
ESET researchers have discovered the first in-the-wild UEFI rootkit. Dubbed LoJax, the research team has shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe. The Sednit group is a resourceful APT group targeting people and
ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe.
Zebrocy heavily used by the Sednit group over last two years
Over the past few years the Sednit group has used various techniques to deploy their various components on targets' computers. The attack usually starts with an email containing either a malicious link or malicious attachment.
Sednit is back - this time with two more zero-day exploits embedded in a phishing email titled Trump's_Attack_on_Syria_English.docx.
The IAAF has become the latest organization to fall victim to the cybercriminal gang Sednit.
Take a closer look at the cyberespionage group Sednit, which has targeted over 1000 high-profile individuals and organizations with phishing attacks and zero-day exploits.
This feature offers a very digested read of ESET's trilogy of research papers on Sednit, one of the most notorious groups of cyberattackers in the world.
The full whitepaper “En Route with Sednit,” compiling parts 1-3.
In the third and final part of our whitepaper “En Route with Sednit,” we describe a special downloader named Downdelph.
In the second part of our whitepaper “En Route with Sednit”, we focus on Sednit’s espionage toolkit, which is deployed on targets deemed interesting after a reconnaissance phase (described in the first part of the whitepaper).
ESET's threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.
Security researchers at ESET have released their latest research into the notorious and highly experienced Sednit cyberespionage group.
In the first part of our whitepaper “En Route with Sednit”, we focus on the methods used by the group to attack its targets, and on who these targets are.
The infamous Sednit espionage group is currently using the Hacking Team exploits disclosed earlier this week to target eastern European institutions.
The Sednit espionage group, also known as the Sofacy group, APT28 or “Fancy Bear”, has been targeting various institutions for many years. We recently discovered a component the group employed to reach physically isolated computer networks -- “air-gapped” networks -- and exfiltrate sensitive files from them through removable drives.
For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.
A view of the Q3 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts.
The extortionists attempt to scare the targets into paying by claiming to represent some of the world’s most notorious APT groups.