CloudSorcerer APT: A Stealthy Cloud Threat Targeting Russia

Threat Level – Amber | Actor Report

CloudSorcerer is a new APT group targeting Russian government organizations. It uses public cloud services and GitHub for stealthy command and control. Its malware gathers sensitive data and exfiltrates it through legitimate cloud services. While its tactics resemble those of the CloudWizard APT, CloudSorcerer's distinct code suggests a new group, potentially inspired by CloudWizard. Its goal is cyberespionage and the theft of valuable information.
