Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
Dec 27, 2024
Cyber Attack / Data Theft
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024.

"Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code," Kaspersky researcher Oleg Kupreev said in an analysis published this week.

More than 80% of the targets were located in Russia. A smaller number of victims have been reported from Belarus, Canada, Moldova, Israel, Kyrgyzstan, Turkey, and Vietnam.

Also referred to as Clean Ursa, Inception, Oxygen, and Red October, Cloud Atlas is an unattributed threat activity cluster that has been active since 2014. In December 2022, the group was linked to cyber attacks aimed at Russia, Belarus, and Transnistria that deployed a PowerShell-based backdoor called PowerShower. Then exactly a year later, Russian cy...