New Attack Group Clasiopa Targets Materials Research Organization in Asia with Custom Malware

Threat Level – Amber | Vulnerability Report
Download PDF

A new attack group called Clasiopa has been observed targeting materials research organizations in Asia using a distinct toolset that includes a custom malware called Backdoor.Atharvan. It is unclear where Clasiopa is based or who they act on behalf of, although there are indications that imply the group may have links to India. The attackers gain access through brute force attacks on public-facing servers and use multiple backdoors to build lists of file names and exfiltrate them. 

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox