Security News > 2020 > October > MontysThree APT Takes Unusual Aim at Industrial Targets
That's according to researchers from Kaspersky, who noted that the group uses a variety of techniques to evade detection, including using public cloud services for command-and-control communications, and hiding its main malicious espionage module using steganography.
Spy attacks on industrial holdings are far more unusual than campaigns against diplomats and other nation-state targets, according to the firm.
"Far more rare are targeted espionage campaigns against industrial entities - but, like any other attacks against industries, they can have devastating consequences for the business."
The APT uses a toolset that it calls MT3, which consists of separate modules.
"MontysThree is interesting not just because of the fact that it's targeting industrial holdings, but because of the combination of sophisticated and somewhat amateurish TTPs," said Denis Legezo, senior security researcher with Kaspersky's Global Research and Analysis Team, in a posting on Thursday.
News URL
https://threatpost.com/montysthree-apt-industrial-targets/159957/