DOD, DHS expose hacking campaign in Russia, Ukraine, India, Malaysia

[[correlate]]

Content source

https://www.cyberscoop.com/dod-dhs-cyber-command-cisa-hacking-russia-ukraine-india-malaysia/

The Department of Defense and the Department of Homeland Security are calling out an unspecified “sophisticated cyber actor” Thursday for using malware to launch cyberattacks against targets in India, Kazakhstan, Kyrgyzstan, Malaysia, Russia and Ukraine. SlothfulMedia.

DOD, DHS expose hacking campaign in Russia, Ukraine, India, Malaysia

"Sophisticated" hackers are launching cyberattacks against targets in India, Kazakhstan, Kyrgyzstan, Malaysia, Russia, and Ukraine, DOD and DHS say.

www.cyberscoop.com

 

[silversurfer]

IAmTheKing and the SlothfulMedia malware family

We identified three different malware families used by this IAmTheKing, one of which was SlothfulMedia. The aim of this blog post is to introduce all of them.

securelist.com

On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with additional context.

In June 2018, we published the first report on a new cluster of activities that we named IAmTheKing, based on malware strings discovered in a malware sample from an unknown family. Amusingly, other strings present inside of it invited “kapasiky antivirus” to “leave [them] alone”.



Over time, we identified three different malware families used by this threat actor, one of which was SlothfulMedia. The aim of this blog post is to introduce all of them and to provide data we have been able to gather about the attackers’ interests.