sidecopy (2)

FortiGuard Labs researchers have come across a file name or e-mail subject that makes us sit up and take notice. Of course, it may turn out to be nothing. But every once in a while, one of these turns out to be incredibly interesting.

We recently came across one such file that referenced an Indian state military research organization and an in-development nuclear missile. The file was meant to deploy malware with characteristics matching the APT group “SideCopy.” With activities dating back t

Activity Summary - Week Ending 9 July 2021:

  • Red Sky Alliance identified 56,261 connections from new unique IP addresses
  • Analysts identified 2,346 new IP addresses participating in various Botnets
  • 12 unique compromised email accounts were seen with keyloggers
  • RevengeRAT & Aviation
  • Kaseya Attack
  • Babuk Locker
  • PayLoad Bin
  • Space ISAC & Microsoft
  • SideCopy
  • A change in social media collection?
  • DuckDuckGo, Good to Go

Link to full report: IR-21-190-001_weekly_190.pdf