Summary: A hacking group dubbed Goffee is deploying custom malware, including the tool PowerModul, to steal sensitive files from USB drives on Russian computers. The group is actively engaged in cyber-espionage, primarily targeting Russian media, government, and telecommunications sectors. Although its main focus is espionage, its activities have also led to disruptions in compromised networks.
Affected: Russian media and telecom companies, government agencies, construction firms, energy providers
Keypoints:
- Goffee, also known as Paper Werewolf, utilizes custom malware to enhance its cyber-espionage efforts.
- PowerModul includes components like FlashFileGrabber for stealing files and USB Worm for spreading the malware via infected flash drives.
- The group uses phishing emails disguised as legitimate communications from Russian institutions to distribute malware.
Source: https://therecord.media/goffee-espionage-campaign-russia-flash-drives