ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > Operation Rusty Flag

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Operation Rusty Flag

NamesOperation Rusty Flag (Deep Instinct)
Country[Unknown]
MotivationInformation theft and espionage
First seen2023
Description(Deep Instinct) The operation has at least two different initial access vectors.

The operation is not associated with a known threat actor; the operation was instead named because of their novel malware written in the Rust programming language.

One of the lures used in the operation is a modified document that was used by the Tropical Scorpius, RomCom group. This could be a deliberate “false flag”.
ObservedCountries: Azerbaijan.
Tools used
Information<https://www.deepinstinct.com/blog/operation-rusty-flag-a-malicious-campaign-against-azerbaijanian-targets>

Last change to this card: 12 October 2023

Download this actor card in PDF or JSON format

Previous: Operation RusticWeb
Next: Operation Shady RAT

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]