The APT Activity Report highlights significant activities of various advanced persistent threat (APT) groups. During this period, China-aligned groups, such as MirrorFace, expanded their targets to include EU diplomatic organizations while continuing to focus on Japanese entities. These groups increasingly used the SoftEther VPN to maintain network access.
Iran-aligned groups were active in cyber espionage, targeting mainly financial services in Africa, neighboring countries like Iraq and Azerbaijan, and sectors in Israel. They also pursued diplomatic and educational entities in France and the US. North Korea-aligned actors continued their attacks on defense and aerospace sectors in Europe and the US, as well as targeting cryptocurrency developers and NGOs. They misused popular cloud services and began exploiting Zoho cloud services.
Russia-aligned groups focused on cyber espionage, targeting webmail servers with spearphishing emails. They continued to target Ukraine with large-scale campaigns and new malware. Additionally, a Belarus-aligned group was involved in a disinformation campaign against the North Atlantic Alliance.
The report underscores the evolving tactics and expanding targets of these APT groups, emphasizing the need for robust cybersecurity measures to counter these persistent threats
Read the full APT Activity Report Q2 2024 - Q3 2024 to learn more!
ESET products protect our customers’ systems from the malicious activities described in this report. Intelligence shared here is primarily based on proprietary ESET telemetry data and has been verified by ESET researchers, who prepare in-depth technical reports and frequent activity updates detailing activities of specific APT groups.
These threat intelligence analyses, known as ESET APT Reports PREMIUM, assist organizations tasked with protecting citizens, critical national infrastructure, and high-value assets from criminal and nation-state-directed cyberattacks. This report contains only a fraction of the cybersecurity intelligence data provided to customers of ESET’s private APT reports.