RedStingerRedStinger

Also known as: Bad Magic · RedStinger

Known aliases
2

Profile

In October 2022, Kaspersky identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions. Although the initial vector of compromise is unclear, the details of the next stage imply the use of spear phishing or similar methods. The victims navigated to a URL pointing to a ZIP archive hosted on a malicious web server.

Aliases· 2

Bad MagicRedStinger

References

  1. https://www.malwarebytes.com/blog/threat-intelligence/2023/05/redstinger
  2. https://securelist.com/bad-magic-apt/109087/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Redfly
Actor
Kasablanka
Actor
Operation Red Signature
Actor
RedKitten
Actor
BadRory
Software
Redshot
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.