Storm-2603 Unleashes Chaos: SharePoint Flaws and AK47 C2 Exploits Exposed!

When Storm-2603 isn’t busy attending hacker conventions, they’re exploiting SharePoint flaws with their custom AK47 C2 framework. Check Point Research is on the case, tracking this mysterious group and their DNS and HTTP antics. Their goals may be unclear, but their comedic timing with ransomware is impeccable!

3P
Published: August 1, 2025 12:19 pmAdded: August 1, 2025 at 5:31 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Well, it seems like the cybercriminals have been watching too many action movies. The Storm-2603 group has unleashed a digital storm, using ransomware names that sound like rejected action hero aliases and exploiting SharePoint flaws like they’re hacking into the mainframe. Meanwhile, their command and control framework, AK47, is probably making actual AK-47s jealous. Strap in, folks; the cybersecurity wild west just got a new sheriff, and they’re packing some serious heat.

Key Points:

  • Storm-2603 is a newly discovered group linked to Chinese APTs, exploiting Microsoft SharePoint flaws.
  • They use a custom C2 framework called AK47 C2 with HTTP and DNS variants for communication.
  • Ransomware such as LockBit Black and Warlock/X2anylock are being deployed by the group.
  • The group utilizes signed drivers to disable security tools, showcasing advanced evasion techniques.
  • Storm-2603 has targeted organizations in Latin America and the Asia-Pacific region in 2025.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?