ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Home > List all groups > Operation Rusty Flag

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Operation Rusty Flag

NamesOperation Rusty Flag (Deep Instinct)
MotivationInformation theft and espionage
First seen2023
Description(Deep Instinct) The operation has at least two different initial access vectors.

The operation is not associated with a known threat actor; the operation was instead named because of their novel malware written in the Rust programming language.

One of the lures used in the operation is a modified document that was used by the Tropical Scorpius, RomCom group. This could be a deliberate “false flag”.
ObservedCountries: Azerbaijan.
Tools used

Last change to this card: 12 October 2023

Download this actor card in PDF or JSON format

Previous: Operation RusticWeb
Next: Operation Shady RAT

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]