Cyber Espionage Group UNC1549 Expands Arsenal in Ongoing Campaign

The cyber espionage group UNC1549 has significantly expanded its toolkit and attack techniques in an ongoing campaign targeting aerospace, aviation, and defense industries since mid-2024. The group employs sophisticated phishing campaigns and exploits trusted third-party relationships to breach high-security environments. Their custom tools, such as TWOSTROKE and LIGHTRAIL, demonstrate exceptional operational security and persistence mechanisms.

Latest mentioned: 11-18

Earliest mentioned: 11-18

Sources

google.com gbhackers.com

Also Read

ClickFix Malware Campaign Deploys Amatera Stealer and NetSupport RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign using the ClickFix social engineering tactic to distribute Amatera Stealer and NetSupport RAT. The campaign, tracked as EVALUSION, targets cryptocurrency wallets, browsers, and email services. Amatera, an evolution of ACR Stealer, employs advanced evasion techniques and is available via subscription. The attack involves tricking users into executing malicious commands, leading to data exfiltration and potential RAT deployment.

11-18Read more →