Curly COMrades: New Malware Rides the Cyber Espionage Wave for Russian Interests!
Curly COMrades, the cyber-espionage group, sneaks around with their custom MucorAgent malware, targeting Georgian and Moldovan entities for Russian interests. Using a mix of stealthy tactics like curl.exe and unpredictable scheduled tasks, they aim for persistent access but can’t quite outwit modern sensors.

Hot Take:
Move over, James Bond, there’s a new espionage thriller in town featuring the Curly COMrades! This cyber-espionage group seems to have taken a leaf out of a spy movie script, with their backdoor malware and stealthy maneuvers. Who knew digital skullduggery could be this captivating? Spy gadgets? Pfft. Try AES-encrypted PowerShell scripts and hijacked COM objects! This is digital cloak and dagger at its finest!

Key Points:
- Curly COMrades, a new threat group, is using a custom backdoor called MucorAgent.
- The group targets government bodies in Georgia and energy firms in Moldova, aligning with Russian interests.
- MucorAgent is a complex three-stage .NET malware that uses AES encryption.
- Persistence is achieved through erratic scheduled tasks and hijacked COM objects.
- Despite their efforts to blend in, their activities have been detected by modern cybersecurity systems.