FBI warns of Kali OAuth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365.
It enables cyber criminals to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) without intercepting the user’s credentials, by capturing OAuth tokens linked to the victim’s Microsoft 365 account.
The scam works in a similar way to most phishing attacks. An attacker sends an email purporting to be from a trusted cloud document sharing service, including instructions to enter a particular code on a legitimate Microsoft site.
The code, however, authorizes the attacker’s device to access the victim’s Microsoft account.
The FBI has issued a set of instructions for IT security managers to help mitigate the Kali365 attack before it affects their users. These include creating a conditional access policy to block the device code flow for all users, with exceptions for the necessary business processes. Managers should also block authentication transfer, preventing users from handing over their access rights from a corporate PC to a mobile device.
Phishing remains a major threat for organizations. According to a World Economic Forum report from January this year, CEOs worldwide see it as the main security threat. It’s also something that is not going away: 77 percent of organizations think that the number of phishing attacks has increased in the past year. Kali365 has just added to that number.
This article first appeared on CSO.
Meta says goodbye to those who won’t use AI
Meta is the latest company to trim its workforce as a result of the growing use of AI within the industry. The company laid off 8,000 employees earlier this week, while also moving 7,000 more to AI-focused roles.
“AI is the most consequential technology of our lifetimes,” Zuckerberg said in a memo that he sent to employees, informing them of the cuts. “The companies that lead the way will define the next generation,” he added.
The company has not revealed too much detail of the changes in the workforce, but it’s clear that jobs focused on AI infrastructure will be protected.
Meta is not alone in announcing cuts. In a blog this month, Cisco said it was cutting 4,000 jobs, and Microsoft is looking at encouraging employees to take voluntary retirement for the first time.
The Meta reorganization follows a wider pattern: businesses that don’t adapt to AI usage will struggle. Earlier this year, PwC US CEO Paul Griggs caused consternation when he suggested that executives who failed to get to grips with AI had a limited future in the company.
While workforces are increasingly dependent on AI as a path to progress, IT departments are not necessarily on top of the game. A Dataiku survey earlier this year revealed that 74% of CIOs were fearful that their career paths were dependent on AI outcomes.
Police take down VPN service (this time with a good reason)
European authorities have cracked down on a VPN that has been used for various criminal activities.
The operation, led by investigators in France and the Netherlands with help from Europol and Eurojust, has dismantled First VPN, a service that has been heavily promoted within Russia as a way of evading law enforcement. Criminals used it to conceal their identities and infrastructure while carrying out ransomware attacks, large-scale fraud, data theft, and other serious offences.
While First VPN’s fate seems well-deserved, there are concerns about wider attempts by governments and law enforcers to clamp down on users of VPN services. Various legislatures have tried to pass new laws restricting access to the internet, in particular those seeking to stop minors from accessing social media and other sites deemed inappropriate by authorities. Australia has already brought in such a law and the UK is looking to follow suit. However, VPN providers have fought back, claiming that their offerings are a vital tool in the preservation of the internet as a free and open service — and in securing regular business activities for many enterprises.
In a recent blog post Mozilla said, “Blunt interventions like mandatory age assurance and restricting access to tools like VPNs are not effective in improving the protection afforded to young people online, while undermining the fundamental rights of all users.”
Any restrictions against VPNs in the US are likely to fall foul of the First Amendment. Attempts by lawmakers to prohibit their use, such as the one proposed in Utah, are looking unlikely to succeed.
The AI that cracked Apple Silicon is only the beginning
A security research team just used Claude Mythos to identify the first known exploit in Apple’s M5 chip. They needed physical access to the device to use it, the vulnerability has since been patched, and I don’t think it should be seen as a huge threat. But it is a stark warning that in this AI age, attackers can find and exploit system vulnerabilities at a dangerously fast rate.
While widely reported, the proof-of-concept exploit was of limited significance because it required direct physical access to the target device; what matters most is that it is a very real illustration of the new security reality.
AI doesn’t care whose side you’re on
AI boosts productivity for everyone, including attackers. In this case, the technology augmented the human security research team’s efforts, enabling them to identify a weakness in Apple’s security system. This won’t be the first time AI gets used to identify hard-to-find bugs and certainly won’t be the last.
This should be a real concern to any platform provider, as it means the most well-resourced attackers will be leaning deep into AI to help them find vulnerabilities. And as AI improves, the capacity it provides will inevitably become more dangerous.
That’s even before you consider that some attackers work for the kind of state and state-adjacent entities that can afford aircraft carriers.
When nation-states come knocking
Access to such extensive resources means future AI-augmented attacks will have at their disposal the most powerful computational AI money can buy, which probably boils down to quantum computers.
The threat of quantum computers has been discussed since the 1990s. These systems are expected to be quite capable of breaking the encryption keys on which digital existence is built, and things will not be the same when they do. We don’t have long to wait until that threat becomes real. Google recently warned quantum computers will be able to hack into some, though not all, encrypted systems by 2029.
Once Q-Day breaks, there will be no going back. And just as Mythos AI was able to help security researchers break into Apple’s core security today, quantum computer-augmented AI is likely to open even more dangerous security frontiers. The Global Risk Institute warns organizations “should take immediate action to address this significant cyber risk.”
What you can do while the industry catches up
What actions can we take now? We have to look to the tech firms to develop tech to protect us against tech:
- Google, for example, is investing in post-quantum cryptography (PQC) digital signature protection and will put similar protections in place across its own authentication services in the next couple of years.
- Apple says it has also deployed quantum-secure cryptography across a wide range of protocols, “prioritizing applications involving sensitive user information where attackers could harvest encrypted communications at scale.”
- Cisco is deep into developing quantum-secure networks, working with network partners such as Orange Business to protect enterprise and public-sector data from future quantum threats.
These protections will help secure some of the most important elements of the computing experience, but they won’t cover everything, leaving a less certain threat environment in which many of the least-resourced software developers are exposed.
Legacy systems, particularly around critical infrastructure and key industries like health or finance, will be particularly exposed. You really, really don’t want key systems at your hospital or bank to rely on insecure and unsupported Windows 10 machines, for example. (You’d be better off with a MacBook Neo — truly, you would.)
Apple is not a badly resourced developer, which means it has no choice but to invest heavily in additional security to protect its platforms against both quantum and AI threats. We’ve also got to prepare for even more complex attacks down the road, as the two powerful technologies converge (to the detriment of security).
Gather ye while you can
We know nation-state actors are already hoovering up huge quantities of encrypted data, as they hope to be able to decrypt it once quantum capability matures. (There’s even a name for this, HNDL, which stands for Harvest Now, Decrypt Later.)
You don’t need to panic. These new-breed attacks will be massively expensive to put together, which suggests they’ll be used against the same high-value targets Apple built Lockdown Mode to protect. But what happened with the NSO Group, whose Pegasus attack you can now buy on the dark web, and with other exploits that leaked over time, shows that sophisticated attacks inevitably seep into general use.
For now you can choose to use quantum-ready messaging services such as iMessage and, while we wait for PQC-compliant password managers to ship, at least make sure to use highly secure passwords for key apps and services. And monitor the news for AI-augmented security exploits against Apple equipment. And as always, never leave your Mac unattended anywhere people you don’t know or trust can reach it.
Microsoft says it’s making AI ‘safe for work’ in your browser
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a limited preview, will help perform routine tasks more efficiently, according to Microsoft’s partner product manager for Edge, Lindsay Kubasik.
Agentic AI will help with completing multi-step tasks such as filling in forms, navigating sites, or gathering information from different tabs, all using enterprise-managed tools, the company said.
And a new tab page will pull together calendar entries, files and Copilot prompts, reducing the need to switch between tools, it said.
A key feature of the new browser version will be its ability to protect corporate data. Enterprises will be able to block the use of copy and paste, and all AI prompts and responses will stay within their Microsoft 365 tenant and will not be used to train models, the company said. They will also be able to audit prompts and block sensitive uploads. The protections will apply as soon as users sign into Edge for Business.
Enterprises will be able to keep track of users who are not following policy: Microsoft’s compliance tool, Purview, will analyze all file uploads to check for sensitive data being uploaded. Enterprises will then have the ability to block the action.
To access the new features, enterprises must sign up for the limited preview.
Microsoft, EY to spend $1 billion on helping customers buy agentic AI
Microsoft and EY will spend $1 billion on helping their customers adopt AI over the next five years.
The billion will fund support for clients’ pioneering AI projects and capability building, said EY’s global Microsoft alliance leader, Paul Clark. Clients will be able to access those resources based on their specific needs, he said.
“We’re intentionally building the EY forward deployed engineer (FDE) capability through close collaboration and training with Microsoft, while maintaining integrated EY-Microsoft teams in the field,” he said in an email. “Clients will continue to experience this as one combined team, bringing together engineering depth and transformation expertise.”
EY has acted as “client zero” in this initiative, embedding AI in all facets of its organization while it validated ways of working with Microsoft’s technologies. After an initial trial of Microsoft Copilot with 150,000 users, it is now rolling it out through Microsoft 365 E7 to all 400,000 staff.
Its combined offering with Microsoft will be fully integrated, with shared governance and accountability across both organizations, it said. Initial services will cover finance, tax, risk, HR and supply chain activities within the financial services, industrials and energy, consumer and retail, government, and health care sectors.
Pain and suffering
The company’s status as client zero is important here, said Greyhound Research Chief Analyst Sanchit Vir Gogia. “It gives EY a proving ground, not just a reference story. The firm can test AI across its own global workforce, professional services processes and regulated client delivery environment before taking the patterns outward. That gives it a sharper commercial proposition: not ‘we understand AI’, but ‘we have suffered through the operating friction before you’. In enterprise technology, lived pain is often more valuable than polished optimism.”
EY is not merely reselling Microsoft’s AI story, he added. “It is positioning itself as the interpreter between Microsoft’s engineering depth and the client’s messy operational reality.”
Technology analyst Carmi Levy said the challenges of scaling AI solutions are monumental, so it makes sense for vendors to bolster their own support capabilities to allow customers to capture maximum value from their AI investment.
“The forward deployed engineer seems like an ideal solution to this vexing problem, a ready-made, vendor-provided, fully trained resource whose sole job is to help customers crack the AI code and turn its potential into realizable gains,” he said. “FDEs can help tune a given agentic system to the organization’s unique requirements and reduce near- and long-term risk by better aligning the vendor’s technologies to the customer’s internal systems.”
Forward-deployed engineers are having a moment, with both Anthropic and OpenAI putting them at the forefront of their AI sales strategies.
But the concept isn’t new, said Matt Kimball, principal analyst at Moor Insights & Strategy. “When I was a state government CIO back in the early 2000s, I leveraged what is now being called an FDE and it reduced a project from weeks to hours,” he said. FDEs should have the domain expertise to be able to “walk into an enterprise and look at all of these moving parts associated with activating AI and develop (and execute) a comprehensive plan of attack,” covering technology, operations, people, and processes, he said.
However, said Bill Wong, research fellow at Info-Tech Research Group, enterprise leaders need to recognize that while they have the option to procure services to accelerate adoption, they must take ultimate responsibility for what’s built by defining, staffing and applying an AI governance program, and adapting it as AI capabilities evolve.
Forward thinking
Gogia said that many CIOs will bring in forward-deployed engineers for perfectly good reasons: scarce skills, urgency, board pressure, messy legacy systems and a widening gap between AI aspiration and operational delivery, but they should not abdicate responsibility to them.
“Use forward-deployed engineers where they create speed, learning and operational discipline. Do not use them as substitutes for internal architecture, governance or accountability,” he said. “Make them teach, make them document, make them transfer capability, make them design for audit, exit, and resilience from day one. If the engagement leaves behind only working software, it has not done enough.”
This article first appeared on CIO.
Workday extends Sana AI to ITSM after HR, finance
Workday’s conversational AI platform, Sana for Workday, is now ready to talk about IT Service Management (ITSM) automation as part of the company’s broader effort to help enterprises streamline workflows, especially across HR and finance, with autonomous AI agents.
The new Sana for ITSM capabilities are intended to automate workflows for employee on- and offboarding, access changes, and everyday IT requests.
Another new addition, the Travel agent, can help employees plan trips, book travel, and automatically manage expenses in one place, the company said.
The unification of cross-departmental workflows, according to Pareekh Jain, principal analyst at Pareekh Consulting, could provide significant advantages to CIOs: “If HR, finance, onboarding, access requests, payroll, travel, and IT support are tied together in one platform, enterprises can reduce friction, automate approvals faster, improve employee experience.”
“At the same time, Sana’s agentic backend will also get more organization context and can be more accurate, which is increasingly becoming important for CIOs trying to automate operations with agents,” Jain said. “Identity, reporting structures, cost centers, approvals, budgets, and role-based permissions become critical when AI starts automating tasks instead of just answering questions.”
However, Abhishek Mundra, associate practice leader at HFS Research, warned that CIOs evaluating ITSM for Sana should be wary of vendor lock-in. There’s value in linking the system running IT service workflows to the system of record holding workforce and financial data, but “it need not necessarily be owned by the system of record vendors,” he said.
Entrenched ITSM ecosystems could slow uptake
That debate around integration benefits versus platform concentration is also likely to influence enterprise uptake of the new ITSM automation capabilities, according to Jain.
“Early adopters will likely be existing Workday customers looking to simplify employee workflows and reduce tool fragmentation,” he said, adding that Workday could face challenges winning over large enterprises with deeply entrenched ITSM environments, given the maturity and breadth of established platforms such as ServiceNow.
ServiceNow’s recent acquisition of Moveworks also strengthens its position as an ITSM software provider, according to Bhupendra Chopra, chief revenue officer at IT consulting firm Kanerika.
“Moveworks is built for ITSM from the ground up. Sana for ITSM is built for consolidation. Those are different optimization functions. ITSM is harder than HR self-service. It requires understanding SLAs, escalation paths, technical constraints,” Chopra said.
“Most large enterprises with mature ITSM investments have workflows, integrations, and tribal knowledge baked into ServiceNow. Ripping that out for ‘better data context’ is a multi-year migration, not a switch,” he said.
Echoing Chopra, Jain said efforts to replace already-in-place, compliant ITSM systems could be expensive, risky and operationally disruptive. But, he said, mid-sized enterprises and AI-first enterprises may evaluate the new capabilities as a lighter alternative to complex traditional ITSM stacks, especially for employee support use cases.
Workday expects to offer Sana for ITSM to early adopters in the second half of 2026, with broader general availability planned later in the year, the company said.
The Travel Agent is already available to early adopters and will also become generally available later this year, it said.
This article first appeared on CIO.
A hacker group is poisoning open source code at an unprecedented scale
A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the cybersecurity world with its insidious threat of turning any innocent application into a dangerous foothold in a victim’s network. Now one group of cybercriminals has turned that occasional nightmare into a near-weekly episode, corrupting hundreds of open source tools, extorting victims for profit, and sowing a new level of distrust in an entire ecosystem used to create the world’s software.
On Tuesday night, open source code platform GitHub announced that it had been breached by hackers in one such software supply chain attack: A GitHub developer had installed a “poisoned” extension for VSCode, a plug-in for a commonly used code editor that, like GitHub itself, is owned by Microsoft. As a result, the hackers behind the breach, an increasingly notorious group called TeamPCP, claim to have accessed around 4,000 of GitHub’s code repositories. GitHub’s statement confirmed that it had found at least 3,800 compromised repositories while noting that, based on its findings so far, they all contained GitHub’s own code, not that of customers.
“We are here today to advertise GitHub’s source code and internal orgs for sale,” TeamPCP wrote on BreachForums, a forum and marketplace for cybercriminals. “Everything for the main platform is there and I am very happy to send samples to interested buyers to verify absolute authenticity.”
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and Belarus. Behind some of this activity is Cloud Atlas, a group we have known since 2014. During our investigation, we identified new tools used by this group, as well as indicators of compromise.
The group is back to sending out archives containing malicious shortcuts that launch PowerShell scripts. This technique is employed in addition to the previously described use of malicious documents, which exploit an old vulnerability in the Microsoft Office Equation Editor process (CVE-2018-0802) to download and execute malicious code. We have observed the use of third-party public utilities (Tor/SSH/RevSocks) to gain a foothold in infected systems and create additional backup control channels.
Technical details
Initial infection
As for the primary compromise, Cloud Atlas remains consistent in using phishing. In the observed campaigns, the attackers emailed a ZIP archive containing an LNK file as an attachment.
Malware execution flow
Attackers use LNK shortcuts to covertly execute PowerShell scripts hosted on external resources. The command line of the shortcut:
Example of the PowerShell script downloaded and executed by the shortcut:
Actions performed by the downloaded PowerShell:
Step | Action | Description
1 | Drops “$temp\fixed.ps1” | Pre-staging: places the main payload locally in advance to ensure an execution capability independent of subsequent network connectivity or C2 availability.
2 | Creates “Run” registry key “YandexBrowser_setup” for “$temp\fixed.ps1” startup | Early persistence: guarantees execution upon the next logon or reboot. If the script is interrupted during later stages, the payload will still activate automatically.
3 | Downloads and drops “$temp\rar.zip” | Payload delivery: retrieves the decoy archive from the remote server to prepare user-facing content for the distraction phase.
4 | Extracts “*.pdf” from the downloaded “$temp\rar.zip” | Decoy preparation: unpacks the legitimate-looking document so it can be opened silently without requiring user interaction.
5 | Opens extracted decoy document “*.pdf” with user’s default software | User distraction: opens a convincing document to maintain user engagement and creates a legitimate workflow appearance to buy an additional 30–120 seconds for background operations.
6 | Executes “taskkill.exe /F /Im winrar.exe” | Process concealment: terminates the archive extractor to prevent the user from seeing the archive contents or noticing unexpected file extraction activity.
7 | Searches and deletes “rar.zip”, “*.pdf.zip” and “*.pdf.lnk” | Anti-forensic cleanup: removes the initial infection artifacts before activating the main payload, reducing the number of disk traces available for incident response or EDR correlation.
8 | Executes “$temp\fixed.ps1” | Controlled execution: launches the main payload only after persistence is secured, the user is distracted, and access traces are cleaned up.
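As an added illustration (not part of the original report), the following Python correlates the stages in the table above across Sysmon-style events on a per-host, time-window basis; the event shapes, host names, paths and the telemetry itself are constructed.

```python
"""Correlate the stager's actions (Run key, taskkill of WinRAR, artifact
cleanup, launch of fixed.ps1 from a Temp directory) across Sysmon-style events."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed telemetry (not from the report): WS-FIN-07 shows the chain,
# WS-HR-02 only has benign administrative PowerShell activity.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"ts": "2026-02-03T09:14:02", "host": "WS-FIN-07", "type": "registry_set",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "YandexBrowser_setup",
     "data": r"powershell.exe -File C:\Users\ivan\AppData\Local\Temp\fixed.ps1"},
    {"ts": "2026-02-03T09:14:05", "host": "WS-FIN-07", "type": "file_create",
     "path": r"C:\Users\ivan\AppData\Local\Temp\rar.zip"},
    {"ts": "2026-02-03T09:14:09", "host": "WS-FIN-07", "type": "process_create",
     "image": r"C:\Windows\System32\taskkill.exe", "parent": PS,
     "cmdline": "taskkill.exe /F /Im winrar.exe"},
    {"ts": "2026-02-03T09:14:11", "host": "WS-FIN-07", "type": "file_delete",
     "path": r"C:\Users\ivan\AppData\Local\Temp\rar.zip"},
    {"ts": "2026-02-03T09:14:12", "host": "WS-FIN-07", "type": "file_delete",
     "path": r"C:\Users\ivan\Downloads\report.pdf.lnk"},
    {"ts": "2026-02-03T09:14:15", "host": "WS-FIN-07", "type": "process_create",
     "image": PS, "parent": PS,
     "cmdline": r"powershell.exe -File C:\Users\ivan\AppData\Local\Temp\fixed.ps1"},
    {"ts": "2026-02-03T09:20:00", "host": "WS-HR-02", "type": "process_create",
     "image": PS, "parent": r"C:\Windows\explorer.exe",
     "cmdline": r"powershell.exe -File C:\Tools\inventory.ps1"},
    {"ts": "2026-02-03T09:21:00", "host": "WS-HR-02", "type": "file_delete",
     "path": r"C:\Users\anna\Downloads\old.zip"},
]

# A .ps1 under a Temp directory, as used by both the Run key and the launch.
TEMP_PS1 = re.compile(r"\\Temp\\[^\s\"']+\.ps1", re.IGNORECASE)


def stage_of(ev):
    """Map one event to a stage of the chain in the table, or None."""
    t = ev["type"]
    if t == "registry_set" and ev["key"].lower().endswith(r"\currentversion\run"):
        if ev.get("value") == "YandexBrowser_setup" or TEMP_PS1.search(ev.get("data", "")):
            return "run_key_to_temp_ps1"
    if t == "process_create":
        image = ev["image"].lower()
        cmd = ev.get("cmdline", "")
        parent = ev.get("parent", "").lower()
        if (image.endswith("taskkill.exe") and "winrar.exe" in cmd.lower()
                and "/f" in cmd.lower() and parent.endswith("powershell.exe")):
            return "taskkill_winrar"
        if image.endswith("powershell.exe") and TEMP_PS1.search(cmd):
            return "exec_temp_ps1"
    if t == "file_delete":
        if ev["path"].lower().endswith(("\\rar.zip", ".pdf.zip", ".pdf.lnk")):
            return "cleanup_artifacts"
    return None


def detect_stager_chain(events, window=timedelta(minutes=5), min_stages=3):
    """Return {host: sorted stage names} for hosts where at least `min_stages`
    distinct stages occur within `window`. A single hit is only a weak signal;
    the chain is what is worth alerting on."""
    by_host = defaultdict(list)
    for ev in events:
        stage = stage_of(ev)
        if stage:
            by_host[ev["host"]].append((datetime.fromisoformat(ev["ts"]), stage))
    alerts = {}
    for host, hits in by_host.items():
        hits.sort()
        for i, (t0, _) in enumerate(hits):
            stages = {s for t, s in hits[i:] if t - t0 <= window}
            if len(stages) >= min_stages:
                alerts[host] = sorted(stages)
                break
    return alerts


if __name__ == "__main__":
    for host, stages in detect_stager_chain(SAMPLE_EVENTS).items():
        print(f"{host}: stager chain observed, stages={stages}")
```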
Fixed.ps1 (loader)
The primary purpose of the Fixed.ps1 script is to deliver and install subsequent malware onto the compromised system, specifically VBCloud and PowerShower. Fixed.ps1 establishes persistence (by adding itself to registry Run keys), creates a decoy for the user (by opening a PDF document), and executes the next stages of the attack.
Fixed.ps1::Payload (VBCloud dropper)
Example of the fixed.ps1::Payload (VBCloud dropper)
This module functions as a dropper for the VBCloud backdoor. It drops two files onto the infected machine:
- video.vbs: the loader of the backdoor, VBCloud::Launcher. This is a VBScript that decrypts the contents of video.mds (typically using RC4 with a hardcoded key) and executes it in memory.
- video.mds: the encrypted body of the backdoor, VBCloud::Backdoor. This is the main module that connects to a C2 server to receive additional scripts or execute built-in commands. This backdoor is designed to function as a stealer, specifically targeting files with extensions of interest (such as DOC, PDF, XLS) and exfiltrating them.
This module installs a second backdoor called PowerShower on the system. We don’t have the specific script that performs this installation, but we assume it’s performed by a script similar to fixed.ps1::Payload (VBCloud dropper).
Unlike VBCloud, which focuses on file theft, PowerShower is primarily used for network reconnaissance and lateral movement within the victim’s infrastructure. PowerShower can perform the following tasks:
- Collect information about running processes, administrator groups, and domain controllers.
- Download and execute PowerShell scripts from the C2 server.
- Conduct “Kerberoasting” attacks (stealing password hashes of Active Directory accounts).
PowerShower is dropped onto the system via the path ‘C:\Users\[username]\Pictures\googleearth.ps1’.
Contents of the googleearth.ps1 (PowerShower)
PowerShower::Payload (credential grabber)
PowerShower downloads an additional script for stealing credentials. It performs the following actions:
- Creates a Volume Shadow Copy of the C:\ drive.
- Copies the SAM (stores local user password hashes) and SECURITY system files from this shadow copy to C:\Users\Public\Documents\, disguising them as PDF files.
- The script is launched in several stages. To execute with high privileges, the script uses a UAC bypass technique via fodhelper.exe (a built-in Windows utility). This allows PowerShell to run as an administrator without directly prompting the user, which could otherwise raise suspicion.
The full launch chain looks like this:
The full Base64-decoded script is given below.
Multi-user RDP by patching termsrv.dll
Moving laterally across the victim’s network, the attackers executed a suspicious PowerShell script named rdp_new.ps1 (MD5 1A11B26DD0261EF27A112CE8B361C247):
The script is designed to allow multiple RDP sessions in Windows 10 by patching the termsrv.dll file. Termsrv.dll is the core Windows library that enforces Remote Desktop Services rules.
By default, Windows limits the number of simultaneous RDP sessions. Removing this restriction allows attackers to operate on the machine in the background without disconnecting the legitimate user, thereby reducing the likelihood of detection.
At first, the script enables RDP on the firewall and downgrades the RDP security settings:
Before modifying termsrv.dll, the script takes ownership and assigns itself full permissions. Then the script finds the sequence of bytes 39 81 3C 06 00 00 ?? ?? ?? ?? ?? ?? and replaces it with B8 00 01 00 00 89 81 38 06 00 00 90. After these manipulations, the script restarts the RDP service.
Example of script
The patched version allows multiple concurrent logins so attackers can stay connected without disrupting the legitimate user, thereby reducing suspicion.
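A defender-side triage check for the byte patch just described, added here as an illustration and not taken from the report or the attackers’ script: it classifies a termsrv.dll image as untouched, patched or unrecognised using the two byte sequences quoted above. The x64 instruction decoding in the comments is the editor’s, and the sample buffers are constructed stand-ins, not real DLL data.

```python
"""Triage check for the termsrv.dll byte patch described in the report."""
import re

# Sequence the script searches for: 39 81 3C 06 00 00 followed by six
# wildcard bytes. (Editor's decoding: on x64, 39 81 3C 06 00 00 is
# cmp dword ptr [rcx+0x63C], eax.)
ORIGINAL = re.compile(rb"\x39\x81\x3C\x06\x00\x00.{6}", re.DOTALL)

# Sequence the script writes in its place. (Editor's decoding:
# mov eax, 0x100 / mov dword ptr [rcx+0x638], eax / nop.)
PATCHED = bytes.fromhex("B8 00 01 00 00 89 81 38 06 00 00 90")


def classify_termsrv(data: bytes) -> str:
    """'patched' if the replacement is present, 'original' if the untouched
    sequence is present, otherwise 'unknown' (different build, truncated read)."""
    if PATCHED in data:
        return "patched"
    if ORIGINAL.search(data):
        return "original"
    return "unknown"


def patch_offsets(data: bytes) -> list:
    """File offsets at which the patched sequence occurs (normally one)."""
    return [m.start() for m in re.finditer(re.escape(PATCHED), data)]


def check_file(path: str) -> str:
    """Classify a termsrv.dll copied off a host, e.g. from a forensic image."""
    with open(path, "rb") as f:
        return classify_termsrv(f.read())


# Constructed buffers standing in for a DLL; real files are far larger and
# the bytes around the sequence differ between builds.
SAMPLE_ORIGINAL = (b"\x90" * 32
                   + bytes.fromhex("39 81 3C 06 00 00 0F 84 10 00 00 00")
                   + b"\xCC" * 16)
SAMPLE_PATCHED = b"\x90" * 32 + PATCHED + b"\xCC" * 16

if __name__ == "__main__":
    for name, buf in (("original", SAMPLE_ORIGINAL), ("patched", SAMPLE_PATCHED)):
        print(name, "->", classify_termsrv(buf), patch_offsets(buf))
```

A modified termsrv.dll also no longer matches its Windows catalog signature, so pair this byte check with signature verification and with the ownership and ACL change the script makes on the file.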
Reverse SSH tunneling
As mentioned above, during this wave of attacks, the adversaries widely deployed reverse SSH tunnels to many hosts of interest. The compromised machine initiates an SSH connection to an attacker-controlled server, which allows attackers to bypass standard firewall rules by establishing outbound connections.
That way, even if the primary backdoor is discovered, the attackers can maintain control through the SSH tunnel.
To install a reverse SSH tunnel on a victim’s host, the attackers run VBS scripts via PAExec or PsExec.
We’ve seen three types of scripts:
- Gen.vbs (WriteToSchedulerGenerateKey.vbs) generates a key for the SSH tunnel.
- Run.vbs (WriteToSchedulerRunSSH.vbs) starts the reverse SSH tunnel.
- Kill.vbs (WriteToSchedulerKillSSH.vbs) stops the reverse SSH tunnel via taskkill.exe.
To achieve persistence, the attackers added a new scheduled task in Windows:
In some cases, before establishing a reverse SSH tunnel, attackers set new access permissions to the folder containing the private key to prevent the legitimate user or system administrators from easily accessing or modifying it:
Patched OpenSSH
Some OpenSSH binaries used by the attackers had their imports modified. Instead of libcrypto.dll, the SSH executable imports syruntime.dll, which was placed in the same folder as the binary. This was likely done to evade detection and ensure stealth.
In addition, we found a portable version of OpenSSH, presumably compiled by the adversaries:
RevSocks
In addition to reverse SSH tunnels, the attackers installed RevSocks using the same infrastructure. RevSocks is an alternative to SSH for establishing tunnels and proxy connections, written in Go. This tool allows direct connection to workstations on the local network. It also allows attackers to gain access to other segments of the victim’s network by using the machine as a gateway. In some cases, C2 addresses were hardcoded into the binary; in other cases, the C2 was passed in command line arguments.
There were also reverse SOCKS samples with hardcoded C2 addresses:
Tor tunneling
To maintain control over the compromised host, the Tor network was used in some cases. A minimal set of a Tor executable and configuration files, necessary for launching a HiddenService, was copied to the system directories of infected devices. The name of the Tor Browser executable file was modified. As a result, the infected machine was accessible via RDP from the Tor network when accessing the generated .onion domain.
Below is an example of a configuration file for routing connections from Tor to RDP ports on the local network, as well as example command lines for logging into Tor.
Example of Tor configuration file
PowerCloud
We analyzed a new Cloud Atlas tool, PowerCloud. It collects user data with administrator privileges and writes this information to Google Sheets in Base64 format.
The tool represents an obfuscated PowerShell script. In most cases, it is packaged into an executable file using the PS2EXE utility, but we have also encountered variants in the form of a separate PowerShell script.
To find administrators on the victim host, the tool executes the following command:
This information is appended with the computer name and current date, the data is encoded in base64, and then the collected data is added to an existing Google Sheet.
PowerCloud script
Browser checker
The attackers also used another PowerShell script (MD5 5329F7BFF9D0D5DB28821B86C26D628F), compiled into an executable via PS2EXE, which checks whether browser processes (Chrome, Edge, Firefox and others) are running. This shows when the user is active on the computer and can be used to pick the best moment for further actions (for example, when the user has stepped away but their browser is still open) or simply to profile the victim's habits.
The information about running browsers is written to a log file on the local host.
Fragment of the deobfuscated script
Victims
According to our telemetry, the targets of the activity described here in late 2025 and early 2026 were located in Russia and Belarus. The targeted industries are mostly government agencies and diplomatic entities.
We attribute the activity described in this report to the Cloud Atlas APT group with a high degree of confidence. The group used techniques and tools we have described previously, such as the initial access vector, the Python script for information gathering, and the Tor application for forwarding ports to the Tor network. The victim profile and geography also match known Cloud Atlas targeting.
We couldn't help but notice some parallels with recent Head Mare activity. The PhantomHeart backdoor (described in a report available in Russian only), attributed to Head Mare and used to create an SSH tunnel, was placed in directories that Cloud Atlas also actively uses:
- C:\Windows\ime
- C:\Windows\System32\ime
- C:\Windows\pla
- C:\Windows\inf
- C:\Windows\migration
- C:\Windows\System32\timecontrolsvc
- C:\Windows\SKB
However, the two groups' TTPs remain distinct.
Conclusion
For more than ten years, the Cloud Atlas group has continued its activities and expanded its arsenal. Over the past year, many targeted campaigns in general were seen using reverse SOCKS, SSH and Tor, and Cloud Atlas is no exception. Building such backup control channels from publicly available utilities makes it significantly harder to fully evict attackers from compromised systems. We will continue to monitor the group's activity closely and describe its new tools and techniques.
Indicators of compromise
PowerCloud
7A95360B7E0EB5B107A3D231ABBC541A C:\Windows\wininet.exe
C0D1EAA15A2CEFBAB9735787575C8D8E C:\Windows\LiveKernelReports\update.exe
D5B38B252CF212A4A32763DE36732D40 C:\Windows\ime\imejp\dicts\i39884.exe
3C75CEDB1196DF5EAB91F31411ED4B33 C:\pla\reports.exe
42AC350BFBC5B4EB0FEDBA16C81919C7 C:\ProgramData\update_[redacted].exe
493B901D1B33EB577DB64AADD948F9CE C:\Windows\migration\wtr\MicrosoftBrowser.exe
2CABB721681455DAE1B6A26709DEF453 C:\Windows\pla\reports\winlog.exe
1B39E86EB772A0E40060B672B7F574F1 C:\Windows\System32\timecontrolsvc\vmnetdrv64.exe
1D401D6E6FC0B00AAA2C65A0AC0CFD6B C:\Windows\setup\scripts\install\software\activation\aact\dfsvc.exe
40A562B8600F843B717BC5951B2E3C29 C:\Windows\branding\scat.exe
F721A76DEB28FD0B80D27FCE6B8F5016 C:\Windows\ime\imekr\dicts\dfsvc.exe
D3C8AFD22BAA306FF659DB1FAC28574A C:\ProgramData\update_[redacted].exe
6D7B2D1172BBDB7340972D844F6F0717 C:\Users\[redacted]\AppData\Local\1c\1cv8\1cv8ud.exe
C:\Users\[redacted]\AppData\Local\1c\1cv8\svc.exe
9769F43B9DE8D19E803263267FA6D62E C:\Users\[redacted]\AppData\Local\1c\1cv8\1cv8ud.exe
63B6BE9AE8D8024A40B200CCCB438F1D C:\Windows\notepad.exe
6AA586BCC45CA2E92A4F0EF47E086FA1 C:\Windows\splwow32.exe
EBA3BCDB19A7E256BF8E2CC5B9C1CCA9 C:\Users\[redacted]\Desktop\soc\stant.exe
B4E183627B7399006C1BC47B3711E419 C:\WINDOWS\ime\service.exe
F56B31A4B47AD3365B18A7E922FBA1A8 dfsvc.exe
F6F62456FB0FCC396FB654CBED339BC3 –
25C8ED0511375DCA57EF136AC3FA0CCA C:\branding\dwmw.exe
Browser checker
5329F7BFF9D0D5DB28821B86C26D628F C:\ProgramData\checker_[redacted].exe
ReverseSocks
2B4BA4FACF8C299749771A3A4369782E C:\Windows\PLA\System\bounce.exe
C:\Windows\pla\print_status.exe
BA9CE06641067742F2AFC9691FAFF1DC C:\ProgramData\hp\client.exe
FB0F8027ACF1B1E47E07A63D8812ED50 C:\Windows\System32\timecontrolsvc\vmnetdrv64.exe
BBF1FA694122E07635DEEAC11AD712F8 C:\Windows\System32\HostManagement.exe
F301AA3D62B5095EEC4D8E34201A4769 C:\Windows\ime\imejp\msfu.exe
F9C3BBE108566D1A6B070F9C5FB03160 C:\Windows\ime\imetc\help\IMTCEN14.exe
Malicious MS Office documents
369B75BDCDED16469EDE7AB8BEDCFAE1
9EAAE9491F6A50D6DF0BE393734A44CB
3E6E9DF00A764B348EC611EE8504ACA0
9BD788F285E32A05E6591D1EB36EBFFC
F42085522EC2EBB16EDCF814E7C330AD
2042EB5D52F0B535A1CE6B6F954C8C2B
2AA1E9765EF6B00B94A9B6BE0041436A
36120F5E9411BCBAC7104EF3FA964ED2
5000A353399500BC78381DC95B6ED2DC
579A9952D31CAD801A3988DBE7914CE7
867B634588C0FD6B26684D502C15AB03
38FA4306FA4406BA31CF171AF4D36E34
83EDDE9F7EEEFAC0363413972F35572B
CC751619BFEC0DC4607C17112B9E3B2C
A632858F14B36F03D0F213F5F5D6BFF2
097CA205AD9E3B72018750280904718C
69121C36EB8BF77962DCA825FCFFD873
C5702EB250F855C8C872FFFB9BB656ED
ED34F5A136FBA4FDEA976570FAA33ED7
0577DB70844E88B32B954906E2F20798
28ECF8FB6719E14231B94B4D37629B0E
0857C84B62289A1A9F29E19244E9A499
0C514E137860F489E3801213460EF938
50568B1F9335A7E3BA4E5DF035A8FB86
7F776AD200287D6DE14A29158C457179
51F7F794ED43FB90D0F8EBBB5EFFE628
B8C753DD254509FBA5077FFD5067EAB0
BC3739DEC8CD8F54F3F60A85F3ED600E
EC076CD21C483A40156F4E40D08DADED
216CB7F31D383C0DD892B284DF05A495
116F59E70A9DF97F4ADAEA71EECB1E9A
7242AC065B50BCDE9308756B49DBADCB
8158552950D2E13B075001CE0C52AA97
A75DBED984963B9AB21309C5B2F8FD9B
0320DD389FDBAB25D46792BD2817675E
5339D1A666F3E40FE756505CF1D87D4B
67D7E3AEEB673BF60C59361C12A4ED81
89572F0ED20791A5AC9FC4267D67CCB0
B6AAE073E7BFEBF4D643C2BBEB5C02E1
344CA9EA07CD4AC90EF27F8890D4EC05
Reverse SSH/Socks domains
tenkoff[.]org
cloudguide[.]in
goverru[.]com
kufar[.]org
ultimatecore[.]net
spbnews[.]net
onedrivesupport[.]net
Malicious and compromised domains used in MS Office documents
amerikastaj[.]com
bigbang[.]me
paleturquoise-dragonfly-364512.hostingersite[.]com
wizzifi[.]com
totallegacy[.]org
mamurjor[.]com
landscapeuganda[.]com
lafortunaitalian.co[.]uk
kommando[.]live
internationalcommoditiesllc[.]com
humanitas[.]si
fishingflytackle[.]com
firsai.tipshub[.]net
alnakhlah.com[.]sa
allgoodsdirect.com[.]au
agenciakharis.com[.]br
Powershell payload staging
istochnik[.]org
znews[.]neti
investika-club[.]com
194.102.104[.]207
46.17.45[.]56
46.17.45[.]49
46.17.44[.]125
46.17.44[.]212
185.22.154[.]73
194.87.196[.]163
195.58.49[.]9
93.125.114[.]193
93.125.114[.]57
45.87.219[.]116
37.228.129[.]224
185.53.179[.]136
185.126.239[.]77
5.181.21[.]75
146.70.53[.]171
45.15.65[.]134
185.250.181[.]207
81.30.105[.]71
VBS scripts
WriteToSchedulerKillSSH.vbs
Create_task_day.vbs
WriteToSchedulerGenerateKey.vbs
C:\Windows\INF\Run.vbs
c:\Windows\INF\install.vbs
Update.vbs
c:\Windows\PLA\System\Gen.vbs
C:\Windows\INF\GenK.vbs
c:\Windows\PLA\System\Kill.vbs
c:\Windows\PLA\System\Run.vbs
ssh.exe
c:\Windows\ime\imejp\Asset.exe
c:\Windows\PLA\System\conhosts.exe
c:\Windows\INF\BITS\esentprf.exe
c:\Windows\INF\MSDTC\RuntimeBrokers.exe
c:\Windows\inf\diagnostic.exe
ReverseSocks
C:\Windows\PLA\System\bounce.exe
C:\ProgramData\hp\client.exe
C:\Windows\System32\timecontrolsvc\vmnetdrv64.exe
Tor client
C:\Windows\Resources\Update\Intel.exe
C:\Windows\INF\package.exe