Names | AtlasCross (NSFOCUS) | |
Country | [Unknown] | |
Motivation | Information theft and espionage | |
First seen | 2023 | |
Description | (NSFOCUS) After an in-depth study of the attack process, NSFOCUS Security Labs found that this APT attacker is quite different from known attacker characteristics in terms of execution flow, attack technology stack, attack tools, implementation details, attack objectives, behavior tendency and other main attribution indicators. The technical level and cautious attitude shown by this attacker during this activity are also worthy of attention. Therefore, NSFOCUS Security Labs identified the orchestrator of this event as a new attacker and named it AtlasCross. NSFOCUS Security Labs validated the high-level threat attributes of AtlasCross in terms of development technology and attack strategy through an in-depth analysis of its attack metrics. At this current stage, AtlasCross has a relatively limited scope of activity, primarily focusing on targeted attacks against specific hosts within a network domain. However, the attack processes they employ are highly robust and mature. NSFOCUS Security Labs deduce that this attacker is highly likely to deploy this attack process into larger-scale network attack operations. The organizational origin of the AtlasCross attacker cannot be determined. | |
Observed | ||
Tools used | AtlasAgent, DangerAds. | |
Information | <http://nsfocusglobal.com/warning-newly-discovered-apt-attacker-atlascross-exploits-red-cross-blood-drive-phishing-for-cyberattack/> |
Last change to this card: 12 October 2023
Download this actor card in PDF or JSON format
Previous: Aquatic Panda
Next: AVIVORE
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |