Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

New APT CloudSorcerer Targets Russian Govt

July 9, 2024
Reading Time: 3 mins read
in Alerts
New APT CloudSorcerer Targets Russian Govt

A newly identified cyber-espionage group, known as CloudSorcerer according to research by cybersecurity firm Kaspersky, has emerged with a specific focus on infiltrating Russian government entities. This sophisticated threat actor employs advanced malware designed to operate seamlessly within cloud-based environments for command and control (C2) operations. Kaspersky’s analysis indicates that CloudSorcerer exhibits similarities to previous APT activities, particularly resembling tactics observed in campaigns associated with the CloudWizard group, albeit utilizing distinct malware tools tailored to its strategic objectives. The malware, typically disseminated as a single executable file, showcases adaptive capabilities that adjust its behavior dynamically based on the host process, enabling surreptitious data exfiltration and the execution of malicious commands without triggering alarms.

CloudSorcerer’s utilization of cloud services such as Microsoft Graph API, Dropbox, and Yandex Cloud underscores a troubling trend in contemporary cyber threats, where threat actors leverage legitimate platforms to obfuscate their malicious activities. This approach not only complicates detection but also demonstrates the group’s sophisticated operational sophistication in circumventing conventional security measures. The group’s initial communication with its C2 infrastructure through platforms like GitHub—a method increasingly observed in sophisticated cyber operations—illustrates its meticulous approach to maintaining operational security and minimizing detection risks.

Erich Kron, security awareness advocate at KnowBe4, emphasized the critical importance of proactive monitoring of outbound network traffic and robust defensive strategies to effectively mitigate such threats. “While the use of cloud services for C2 infrastructure is not novel,” Kron explained, “CloudSorcerer’s adaptive malware and precise targeting of Russian government entities highlight the evolving tactics in cyber espionage.”

Reference:

  • New APT CloudSorcerer Targets Russian Entities with Advanced Cloud-based Malware
Tags: CloudSorcererCloudWizardCyber AlertsCyber Alerts 2024cyber espionageCyber RiskCyber threatDropboxJuly 2024KasperskyMicrosoftRussian government
ADVERTISEMENT

Related Posts

Fake Invoices Deliver Sorillus RAT In Europe

Fake Minecraft Mods On GitHub Spread Malware

June 19, 2025
Fake Invoices Deliver Sorillus RAT In Europe

Russian Vishing Scam Bypasses Google 2FA

June 19, 2025
Fake Invoices Deliver Sorillus RAT In Europe

Fake Invoices Deliver Sorillus RAT In Europe

June 19, 2025
New Linux Flaws Allow Easy Root Access

New Linux Flaws Allow Easy Root Access

June 18, 2025
New Linux Flaws Allow Easy Root Access

Langflow Flaw Delivers Flodrix DDoS Botnet

June 18, 2025
New Linux Flaws Allow Easy Root Access

Google Fixes GerriScary Supply Chain Flaw

June 18, 2025

Latest Alerts

Fake Minecraft Mods On GitHub Spread Malware

Fake Invoices Deliver Sorillus RAT In Europe

Russian Vishing Scam Bypasses Google 2FA

New Linux Flaws Allow Easy Root Access

Google Fixes GerriScary Supply Chain Flaw

Langflow Flaw Delivers Flodrix DDoS Botnet

Subscribe to our newsletter

    Latest Incidents

    Hacker Mints $27M From Meta Pool Gets 132K

    UBS and Pictet Hit By Vendor Data Breach

    Cyberattack Disrupts Paris Air Show Website

    Scania Insurance Data Stolen In Partner Hack

    Pro Israel Group Claims $81M Nobitex Hack

    Hacker Sells Data Of 1M Cock.li Users

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial