Common Information
| Type | Value |
|---|---|
| Value |
AtlasCross |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | NSFOCUS Security Labs recently discovered a new attack process based on phishing documents in their daily threat-hunting operations. Delving deeper into this finding through extensive research, they confirmed two new Trojan horse programs and many rare attack techniques and tactics. NSFOCUS Security Labs believes that this new attack process comes from a new APT attacker, who has a high technical level and cautious attack attitude. The phishing attack activity captured this time is part of the attacker’s targeted strike on specific targets and is its main means to achieve in-domain penetration. NSFOCUS Security Labs validated the high-level threat attributes of AtlasCross in terms of development technology and attack strategy through an in-depth analysis of its attack metrics. At this current stage, AtlasCross has a relatively limited scope of activity, primarily focusing on targeted attacks against specific hosts within a network domain. However, the attack processes they employ are highly robust and mature. NSFOCUS Security Labs deduce that this attacker is highly likely to deploy this attack process into larger-scale network attack operations. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-11-21 | 1 | Zimbra 제로데이 취약점을 이용한 국제 정부 기관 공격 | ||
| Details | Website | 2023-11-01 | 15 | 绿盟威胁情报月报-2023年10月 – 绿盟科技技术博客 | ||
| Details | Website | 2023-10-20 | 2 | KeePass 사이트를 사칭하는 Google Ads 캠페인 발견 | ||
| Details | Website | 2023-10-04 | 0 | 미국 적십자를 사칭하는 AtlasCross 백도어 악성코드 | ||
| Details | Website | 2023-10-02 | 0 | New Threat Actor AtlasCross Emerges | ||
| Details | Website | 2023-09-29 | 5 | Cyber Security Week in Review: September 29, 2023 | ||
| Details | Website | 2023-09-22 | 44 | 每周高级威胁情报解读(2023.09.22~09.28) |