Chinese Hackers Unleash MysterySnail 2.0: Russia and Mongolia’s IT Nightmare!

Chinese-speaking IronHusky hackers are back, targeting Russian and Mongolian government entities with an upgraded MysterySnail RAT malware. This sneaky trojan, disguised as a Word document, downloads payloads and gains system persistence. Kaspersky uncovered this cyber caper, revealing IronHusky’s ongoing espionage escapades with their new slimmed-down MysteryMonoSnail RAT version.

3P
Published: April 18, 2025 1:44 pmAdded: April 18, 2025 at 7:22 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like the IronHusky hackers are taking the phrase “sharing is caring” to a whole new level by sharing their MysterySnail RAT with Russian and Mongolian government computers. The only problem? The governments didn’t exactly ask for this kind of gift.

Key Points:

  • IronHusky hackers are targeting Russian and Mongolian government organizations.
  • They’re using an upgraded MysterySnail RAT malware, disguised as a Word document.
  • The malware persists on systems, performing various malicious activities.
  • This new version, dubbed “MysteryMonoSnail,” is more lightweight.
  • The hackers have been active since 2017, consistently targeting Russian and Mongolian entities.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?