Robert Falcone

Shamoon 2: Delivering Disttrack
March 27, 2017
Targeted Ransomware Attacks Middle Eastern Government Organizations for Political Purposes
March 8, 2017
Magic Hound Campaign Attacks Saudi Targets
February 15, 2017
XAgentOSX: Sofacy’s XAgent macOS Tool
February 14, 2017
Second Wave of Shamoon 2 Attacks Identified
January 9, 2017
Let It Ride: The Sofacy Group’s DealersChoice Attacks Continue
December 15, 2016
Shamoon 2: Return of the Disttrack Wiper
November 30, 2016
Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With Poison Ivy
November 22, 2016
PSA: Conference Invite used as a Lure by Operation Lotus Blossom Actors
October 28, 2016
‘DealersChoice’ is Sofacy’s Flash Player Exploit Platform
October 17, 2016
OilRig Malware Campaign Updates Toolset and Expands Targets
October 4, 2016
Sofacy’s ‘Komplex’ OS X Trojan
September 26, 2016
The Dukes R&D Finds a New Anti-Analysis Technique
September 9, 2016
Aveo Malware Family Targets Japanese Speaking Users
August 16, 2016
Fresh Baked HOMEKit-made Cookles – With a DarkHotel Overlap
August 12, 2016
Attack Delivers ‘9002’ Trojan Through Google Drive
July 26, 2016
Technical Walkthrough: Office Test Persistence Method Used In Recent Sofacy Attacks
July 20, 2016
New Sofacy Attacks Against US Government Agency
June 14, 2016
The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor
May 26, 2016
Don’t Be an April Fool: Inside a Common Phone Scam
April 1, 2016
ProjectM: Link Found Between Pakistani Actor and Operation Transparent Tribe
March 25, 2016
Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government
March 14, 2016
Emissary Trojan Changelog: Did Operation Lotus Blossom Cause It to Evolve?
February 3, 2016
Scarlet Mimic: Years-Long Espionage Campaign Targets Minority Activists
January 24, 2016
NetTraveler Spear-Phishing Email Targets Diplomat of Uzbekistan
January 21, 2016
Attack on French Diplomat Linked to Operation Lotus Blossom
December 18, 2015
Attack Campaign on the Government of Thailand Delivers Bookworm Trojan
November 24, 2015
Bookworm Trojan: A Model of Modular Architecture
November 10, 2015
Chinese Actors Use ‘3102’ Malware in Attacks on US Government and EU Media
September 23, 2015
Musical Chairs: Multi-Year Campaign Involving New Variant of Gh0st Malware
September 8, 2015
RTF Exploit Installs Italian RAT: uWarrior
August 24, 2015
Retefe Banking Trojan Targets Sweden, Switzerland and Japan
August 20, 2015
UPS: Observations on CVE-2015-3113, Prior Zero-Days and the Pirpi Payload
July 27, 2015
Tracking MiniDionis: CozyCar’s New Ride Is Related to Seaduke
July 14, 2015
APT Group UPS Targets US Government with Hacking Team Flash Exploit
July 10, 2015
Evilgrab Delivered by Watering Hole Attack on President of Myanmar’s Website
June 11, 2015
Cmstar Downloader: Lurid and Enfal’s New Cousin
May 18, 2015
PlugX Uses Legitimate Samsung Application for DLL Side-Loading
May 1, 2015
