Bluenoroff’s RustBucket campaign
In April 2023, fellow security researchers at Jamf published a report on Bluenoroff’s RustBucket, a newly observed malware targeting macOS platform. Sekoia.io analysts further investigated Bluenoroff’s infrastructure and share...Read More
APT28 leverages multiple phishing techniques to target Ukrainian civil society
The APT28 intrusion set (aka. Sofacy, PawnStorm, Fancy Bear), associated to the Russian GRU was observed using multiple phishing techniques to target the Ukrainian civil society.Read More
Overview of the Russian-speaking infostealer ecosystem: the logs
This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes recently used by threat actors to exploit the...Read More
Overview of the Russian-speaking infostealer ecosystem: the distribution
This blog post aims at presenting the main techniques, tools and social engineering schemes used by the cybercriminals from the Russian-speaking infostealer ecosystem and observed by Sekoia.io analysts in...Read More
The Energy sector 2022 cyber threat landscape
This report is a joint CITALID and SEKOIA.IO analysis pertaining to cyber activities targeting the energy sector in 2022 in Europe. It is based on open sources reports and...Read More
SEKOIA.IO analysis of the #VulkanFiles leak
In January 2023, French newspaper Le Monde offered SEKOIA.IO to cooperate on investigating exfiltrated Russian-written documents related to the Moscow-based private company Vulkan.Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost is a technical analysis of Stealc infostealer, detailing different characteristics of the malware, including anti analysis, strings de-obfuscation and C2 communication techniques.Read More
One Year After: The Cyber Implications of the Russo-Ukrainian War
As the ongoing Russo-Ukrainian conflict started on 24 February 2022 is about to mark its first year anniversary, SEKOIA.IO analysts share their analysis pertaining to the cyber picture. This...Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost aims at presenting the activities of the Stealc’s alleged developer, a technical analysis of the malware and its C2 communications, and how to track it.Read More
SEKOIA.IO Ransomware Threat Landscape – second-half 2022
This blogpost aims at analysing and highlighting trends within the ransomware ecosystem in the second half of 2022Read More