Security News > 2023 > May > New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
A previously undetected advanced persistent threat actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020.
Red Stinger overlaps with a threat cluster Kaspersky revealed under the name Bad Magic last month as having targeted government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea last year.
A fourth set of attacks coincided with the onset of Russia's military invasion of Ukraine in February 2022.
"This stage serves as an entry point for the attackers, enabling them to assess whether the targets are interesting or not, meaning that in this phase they will use different tools."
The exact scale of the infections are unclear, although evidence points to two victims located in central Ukraine - a military target and an officer working in critical infrastructure - who were compromised as part of the February 2022 attacks.
"What is clear is that the principal motive of the attack was surveillance and data gathering. The attackers used different layers of protection, had an extensive toolset for their victims, and the attack was clearly targeted at specific entities."
News URL
https://thehackernews.com/2023/05/new-apt-group-red-stinger-targets.html
Related news
- GoldenJackal APT group breaches air-gapped systems in Europe (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign (source)