APT trends report Q1 2022


For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research, and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of.


This is our latest installment, focusing on activities that we observed during Q1 2022.


Readers who would like to learn more about our intelligence reports or request more information on a specific report are encouraged to contact [email protected].


Disclaimer: when referring to APT groups as Russian-speaking, Chinese-speaking or other-“speaking” languages, we refer to various artefacts used by the groups (such as malware debugging strings, comments found in scripts, etc.) containing words in these languages, based on the information we obtained directly or which is otherwise publicly known and reported widely. The use of certain languages does not necessarily indicate a specific geographic relation but rather points to the languages that the developers behind these APT artefacts use.


The most remarkable findings


On January 14, 70 Ukrainian websites were defaced: the attackers posted the message “be afraid and expect the worst”. The defacement message on the Ministry of Foreign Affairs website, written in Ukrainian, Russian and Polish, suggested that personal data uploaded to the site had been destroyed. Subsequently, DDoS attacks hit several government websites. The following day, Microsoft reported that it had found destructive malware, dubbed WhisperGate, on the syst ..
