Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

2023-04-27 13:42

A little-known Russian-speaking cyber-espionage group has been linked to a new politically-motivated surveillance campaign targeting high-ranking government officials, telecom services, and public service infrastructures in Tajikistan.

The intrusion set, dubbed Paperbug by Swiss cybersecurity company PRODAFT, has been attributed to a threat actor known as Nomadic Octopus.

A subsequent analysis by Gcow Security in December 2019 highlighted the advanced persistent threat group's attacks against the Ministry of Foreign Affairs of Uzbekistan to deploy Octopus.

PRODAFT's findings are the result of the discovery of an operational environment managed by Nomadic Octopus since 2020, making Paperbug the first campaign orchestrated by the group since Octopus.

"Operation PaperBug aligns with the common trend of attacking into Central Asia government infrastructure that recently became more prominent," PRODAFT noted.

That having said, Paperbug attack chains are largely characterized by the use of public offensive tools and generic techniques, effectively acting as a "Cloak" for the group and making attribution a lot more challenging.

News URL

https://thehackernews.com/2023/04/paperbug-attack-new-politically.html

#attack #surveillance