German Intelligence Services warn of APT27
Industry: N/A | Level: Tactical | Source: BleepingComputer
An advisory was released by the German Domestic Intelligence services, BfV observing threat activity from APT27 targeting commercial German organizations. In-memory tool, HyperBro, is observed to be utilized from the group as the remote access trojan (RAT). The threat group's motives, shared by the intelligence agency states, "It cannot be ruled out that the actors, in addition to stealing business secrets and intellectual property, also try to infiltrate the networks of (corporate) customers or service providers (supply chain attack)." Additional intelligence from the group overlaps with reports from the security industry detailing APT27 exploiting vulnerabilities in Zoho AdSelf Service Plus and Zoho ManageEngine.
- Anvilogic Scenario: TiltedTemple Campaign