RU

Angry LikhoAngry Likho

Also known as: Sticky Werewolf · Angry Likho

Origin
RU
Known aliases
2

Profile

Angry Likho is an APT group that has been active since 2023, primarily targeting large organizations and government agencies in Russia and Belarus. Their attacks typically involve spear-phishing emails with malicious attachments, such as RAR archives, and utilize a known payload, the Lumma stealer, for data exfiltration. The group employs a compact infrastructure and has been linked to espionage activities, particularly in sectors like aviation and pharmaceuticals. Their operations have shown a focus on collecting sensitive information, including cryptowallet files and user credentials.

Aliases· 2

Sticky WerewolfAngry Likho

References

  1. https://securelist.com/angry-likho-apt-attacks-with-lumma-stealer/115663/
  2. https://www.morphisec.com/blog/sticky-werewolfs-aviation-attacks/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Awaken Likho
Actor
Mythic Likho
Actor
DarkGaboon
Actor
APT73
Actor
Lilac Typhoon
Actor
BadRory
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.